Reply
Topic Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- « Previous
-
- 1
- 2
- Next »
Highlighted
Re: VIA Client losing Connection Profile and Going back to the Default
10-16-2011 07:27 AM
Right,
If I clear the profile I point at the controller and login I get the xxx_via_IT profile, I close the client and reconnect I get default when I connect and login to the controller I still get default which has nothing configured.
I have included all the show commands.
(Kings_VPN) #show aaa authentication via auth-profile default
VIA Authentication Profile "default"
------------------------------------
Parameter Value
--------- -----
Default Role default-via-role
Server Group via_server_group
Description Default VIA Authenication Profile
(Kings_VPN) #show aaa server-group via_server_group
Fail Through:No
Auth Servers
------------
Name Server-Type trim-FQDN Match-Type Match-Op Match-Str
---- ----------- --------- ---------- -------- ---------
NDS1 Ldap No
NDS0 Ldap No
Role/VLAN derivation rules
---------------------------
Priority Attribute Operation Operand Type Action Value Validated
-------- --------- --------- ------- ---- ------ ----- ---------
1 groupMembership equals cn=vpn_users,ou=Services,o=xxx String set role xxx-via-role No
2 groupMembership equals cn=it_vpn_users,ou=Services,o=xxx String set role xxx-it-via No
(Kings_VPN) #show aaa authentication via connection-profile
VIA Connection Profile List
---------------------------
Name References Profile Status
---- ---------- --------------
xxx_via 1
xxx_via_IT 1
default 0
user-role xxx-via-role
via "xxx_via"
access-list session allowall
user-role xxx-it-via
via "xxx_via_IT"
access-list session allowall
If I clear the profile I point at the controller and login I get the xxx_via_IT profile, I close the client and reconnect I get default when I connect and login to the controller I still get default which has nothing configured.
I have included all the show commands.
(Kings_VPN) #show aaa authentication via auth-profile default
VIA Authentication Profile "default"
------------------------------------
Parameter Value
--------- -----
Default Role default-via-role
Server Group via_server_group
Description Default VIA Authenication Profile
(Kings_VPN) #show aaa server-group via_server_group
Fail Through:No
Auth Servers
------------
Name Server-Type trim-FQDN Match-Type Match-Op Match-Str
---- ----------- --------- ---------- -------- ---------
NDS1 Ldap No
NDS0 Ldap No
Role/VLAN derivation rules
---------------------------
Priority Attribute Operation Operand Type Action Value Validated
-------- --------- --------- ------- ---- ------ ----- ---------
1 groupMembership equals cn=vpn_users,ou=Services,o=xxx String set role xxx-via-role No
2 groupMembership equals cn=it_vpn_users,ou=Services,o=xxx String set role xxx-it-via No
(Kings_VPN) #show aaa authentication via connection-profile
VIA Connection Profile List
---------------------------
Name References Profile Status
---- ---------- --------------
xxx_via 1
xxx_via_IT 1
default 0
user-role xxx-via-role
via "xxx_via"
access-list session allowall
user-role xxx-it-via
via "xxx_via_IT"
access-list session allowall
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Alert a Moderator
Re: VIA Client losing Connection Profile and Going back to the Default
10-16-2011 07:34 AM
Yes, but WHO are you logging in as when you connect and what role do they end up in?
*Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.*
ArubaOS 8.4 User Guide
InstantOS 8.3 User Guide
Airheads Knowledgebase
Airheads Learning Videos
Aruba Central Documentation
Sign up for Security Alerts
Aruba Technical Webinars
*Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.*
ArubaOS 8.4 User Guide
InstantOS 8.3 User Guide
Airheads Knowledgebase
Airheads Learning Videos
Aruba Central Documentation
Sign up for Security Alerts
Aruba Technical Webinars
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Alert a Moderator
Re: VIA Client losing Connection Profile and Going back to the Default
10-16-2011 07:39 AM
Right I am logging in as me all the time and when I download the profile at the begin I get the xxx_via_IT one. After I connected and disconnect and loaded the client again I get asked to enter my username and password which I do, and I get the default one and won't let me change or use the xxx_via_IT one.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Alert a Moderator
Re: VIA Client losing Connection Profile and Going back to the Default
10-17-2011 02:02 AM
Hi Dude,
I found out now it keeps using the default role on the authentication profile and not going down to the ldap server to set the role based on the user.
I found out now it keeps using the default role on the authentication profile and not going down to the ldap server to set the role based on the user.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Alert a Moderator
Re: VIA Client losing Connection Profile and Going back to the Default
10-17-2011 04:30 AM
I just confirmed that we do have a bug where the VIA connection using a non-default server-group in its auth-profile still derives role from the default server-group. This is scheduled to be fixed on ArubaOS 6.1.24 which is not out yet. You can either wait for that release or open a case for them to replicate your issue.
*Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.*
ArubaOS 8.4 User Guide
InstantOS 8.3 User Guide
Airheads Knowledgebase
Airheads Learning Videos
Aruba Central Documentation
Sign up for Security Alerts
Aruba Technical Webinars
*Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.*
ArubaOS 8.4 User Guide
InstantOS 8.3 User Guide
Airheads Knowledgebase
Airheads Learning Videos
Aruba Central Documentation
Sign up for Security Alerts
Aruba Technical Webinars
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Alert a Moderator
- « Previous
-
- 1
- 2
- Next »