Security

last person joined: 22 hours ago 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

Aruba Instant + NPS server authentication issues (Event ID 18)

This thread has been viewed 4 times

  • 1.  Aruba Instant + NPS server authentication issues (Event ID 18)

    Posted Mar 17, 2016 05:32 PM

    Hello everyone !

     

    I'm currently stuck on some weird issues. NPS server's event viewer sends a lot of those error messages (Event ID 18). 

     

    I tried multiple times to re-enter the shared secret on both the NPS Client and Instant AP RADIUS Server info. When I re-enter the secret, the authentications work for some time and then they stop working and results in this error again.

     

    18.jpg

     

    When I look into Wireshark, I see Acces-Request from IAP to NPS and Access-Challenge from NPS to IAP. I don't see any Access-Accept or Access-Reject. I guess the IAP doesn't receive it.

     

    I also tried re-creating radius server and upgrading firmware to latest General Avaibality (6.4.2.6 4.1.1.12)

     

    Thanks !



  • 2.  RE: Aruba Instant + NPS server authentication issues (Event ID 18)

    EMPLOYEE
    Posted Mar 17, 2016 05:35 PM

    Double check the radius secret.



  • 3.  RE: Aruba Instant + NPS server authentication issues (Event ID 18)

    Posted Mar 17, 2016 05:36 PM
    Can you try using a very simple shared key?
    Something like "aruba123"

    Sent from Outlook for iPhone


  • 4.  RE: Aruba Instant + NPS server authentication issues (Event ID 18)

    Posted Mar 17, 2016 05:45 PM

    Thanks for the quick answer guys.

     

    I must have re-entered it 4-5 times, my key is Test123! and I even verified keyboard language on NPS server. Still, if I enter it again, it works for some time.

     

    I'm also using Radius Proxy on VC ip adress.

     

    Thanks !



  • 5.  RE: Aruba Instant + NPS server authentication issues (Event ID 18)

    Posted Mar 17, 2016 05:59 PM
    For testing purposes can you try just test123 and see if it works


  • 6.  RE: Aruba Instant + NPS server authentication issues (Event ID 18)

    Posted Mar 17, 2016 06:06 PM

    Alright, i'll try this tomorrow morning and update you !



  • 7.  RE: Aruba Instant + NPS server authentication issues (Event ID 18)

    EMPLOYEE
    Posted Mar 17, 2016 06:25 PM
    Actually on NPS there is an option to verify the message authenticator attribute. Uncheck that.


  • 8.  RE: Aruba Instant + NPS server authentication issues (Event ID 18)

    Posted Mar 17, 2016 07:59 PM

    Ok thx ill get back to you guys tomorrow morning !!



  • 9.  RE: Aruba Instant + NPS server authentication issues (Event ID 18)

    Posted Mar 18, 2016 11:43 AM

    ok so : 

     

    1. secret is now aruba123
    2. dynamic radius proxy is off and i manually added the IAPs in NPS server
    3. Message authenticator attribute was deactivated

    Same problem persist. There is 3 sites, 1 of them is with IAP-225 and Cisco switch, everything works well and all authentications to the same NPS server are ok.

     

    2 other sites are with IAP-215 and Juniper EX4200, no FW and have both the same issues.

     

    I'm starting to think this is a Juniper feature/firmware issue or IAP-215 interoporability problem.

     

    Thoughts ?



  • 10.  RE: Aruba Instant + NPS server authentication issues (Event ID 18)

    Posted Mar 20, 2016 10:33 PM
    Can you run the following command and share the output:
    IAP-2# show ap debug auth-trace-buf

    -----------------


  • 11.  RE: Aruba Instant + NPS server authentication issues (Event ID 18)

    Posted Mar 21, 2016 06:31 PM

    Hi, 

     

    only way I was able to solve this problem is with a factory reset on both IAP-215 clusters (2 separate VCs).

     

    Sorry, I don't have outpute since iv'e read this too late.