Security

Reply
Highlighted
SBS
Contributor II

One machine can't connect to wifi (and major snarkiness)

Hello,  This is probably more of a venting post than anything, perhaps I'm looking for a retort / ammo / suggestion to the snarky comments I keep hearing from a co-worker. History:  There is a single laptop in our 10s of thousands of laptops that won't connect to wifi to our enterprise wifi (802.1x).  The computer technician reimaged the machine twice, did some AD tweaks, etc but still can't get it to connect to our 802.1x wifi.  When they are attempting to connect to the 802.1x wifi I don't even seen the wifi mac associating at all to the wireless AP (but there are other 802.1x clients on the same wap).   The technician tried an open ssid that we have for testing and could connect the laptop to that successfully.  I asked if they could please try another wifi nic card as a test.  They did and were able to connect to our enterprise wifi just fine on that USB wifi nic test.  So I said sounds like a problem with the onboard wifi nic.  But the guy just doesn't want to let it go, saying well it connects to the open wifi fine, he's saying that he thoerizes somehow the wifi mac of the nonworking nic is somehow blocked on our controllers (Not true).  I should probably just let it go but it's bothering met that he keeps saying it's something on the wifi controller.  I don't believe it is, as mentioned I dont' even see the wifi mac associating at all on the controller when he tries to connect to the enterprise wifi when I issue this command, it doesn't show up at all.

(MMC-Primary) [mynode] #show global-user-table list mac-addr (enter mac here)

 

Any suggestions on how I can help him understand  / shut down his theory.  Guess I'm being stubborn in this case as I feel the controllers are not being fairly characterized.


Thank you

 

Frequent Contributor II

Re: One machine can't connect to wifi (and major snarkiness)

Which method are you using for authentication? EAP-PEAP, TLS?


Daniel Méndez Vargas
ACMP, ACCP
SBS
Contributor II

Re: One machine can't connect to wifi (and major snarkiness)

eap-peap

Frequent Contributor II

Re: One machine can't connect to wifi (and major snarkiness)

Have you tried to configure the WiFi profile manually to avoid misconfiguration?


Daniel Méndez Vargas
ACMP, ACCP
Guru Elite

Re: One machine can't connect to wifi (and major snarkiness)

The client will not show up in the user table unless it successfully obtains an ip address.  One think you can try is to upgrade the driver on the laptop to the latest version.

 

If that doesn't work, you can enable debugging for that client:

 

(ArubaMM-VA) *[mynode] #cd /md
(ArubaMM-VA) *[md] #configure t
(ArubaMM-VA) *[md] (config) #logging user-debug <mac address>
(ArubaMM-VA) *[md] (config) #write mem

Wait about 60 seconds for the debug command to propagage (you can type "show switches" over and over again to monitor this

 

Try to associate the device to the SSID and allow it to fail.  Your challenge will be is that we do not know what controller the device will end up on, so just SSH into one of the MDs and type:

"show log user-debug all" and see if there is any traffic from that mac address.  If there is none, SSH into the next MD, type "show log user-debug all".

 

If you don't see any messages, keep going until you find an md with debug messages for your client.

 


*Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.*
ArubaOS 8.4 User Guide
InstantOS 8.3 User Guide
Airheads Knowledgebase
Airheads Learning Videos
Aruba Central Documentation
Sign up for Security Alerts
Aruba Technical Webinars
SBS
Contributor II

Re: One machine can't connect to wifi (and major snarkiness)

I believe they ordered a new motherboard that will have a new onboard nic, but i'll ask that question if it happens again. Thank you!

SBS
Contributor II

Re: One machine can't connect to wifi (and major snarkiness)

Ah okay so what you're saying is that I can debug on the specific MD and possibly get more information than the global user table would summarize.   Thanks, didn't know that will give it a try next time.  I appreciate it.

SBS
Contributor II

Re: One machine can't connect to wifi (and major snarkiness)

Is there a recommended level for the logging of a user-debug?

 

I entered logging user-debug (wifi mac) and it gives me incomplete command.

Options are:
level

process

Subcat

What should i specify? Thank you

Guru Elite

Re: One machine can't connect to wifi (and major snarkiness)

logging user-debug de:de:ad:be:ef:ca level debugging

*Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.*
ArubaOS 8.4 User Guide
InstantOS 8.3 User Guide
Airheads Knowledgebase
Airheads Learning Videos
Aruba Central Documentation
Sign up for Security Alerts
Aruba Technical Webinars
Guru Elite

Re: One machine can't connect to wifi (and major snarkiness)

After you do a write mem, SSH into the MD and type "show debug" to make sure debug is enabled for that client:

 

(aruba7005) [MDC] #show debug

DEBUG LEVELS
------------
Facility    Level      Debug Value        Sub Category  Process
--------    -----      -----------        ------------  -------
user-debug  debugging  de:ad:be:ef:ca:fe  N/A           N/A  

 Then you would type "show log user-debug 50" to look at the logs for that client.


*Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.*
ArubaOS 8.4 User Guide
InstantOS 8.3 User Guide
Airheads Knowledgebase
Airheads Learning Videos
Aruba Central Documentation
Sign up for Security Alerts
Aruba Technical Webinars
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: