Security

Reply
Highlighted
Occasional Contributor II

config mobility controller and clearpass

I'm trying to connect my Aruba MC 7210 to my ClearPass 6.6 appliance but I get radius error.

 

1. In ClearPass - I Configured my MC 7210 "\Configuration\Network\Devices\"

 

2. In MC 7210 - I configured my Radius Server(ClearPass)

"\Configuration\authentication\Servers\Radius Server"

 

3. In MC 7210 - I configured my Server Group

"\Configuration\authentication\Servers\Server Group"

 

4. In MC 7210 - I configured my RFC 3576 Server(ClearPass)

"\Configuration\authentication\Servers\RFC 3576 Server"

 

5. In MC 7210 - I configured my WLAN pointing to Radius Server

 

And I receive Radius Server Authentication Error. What can I do?

 

Here we have some logs...

[Th 13 Req 5 SessId R00000005-01-5824b6c9] ERROR RadiusServer.Radius - rlm_service: Service Categorization failed

 

[Th 13 Req 5 SessId R00000005-01-5824b6c9] ERROR RadiusServer.Radius - rlm_service: Policy Server result = 65535, msg = Service classification failed

 

[RequestHandler-1-0x7f08245e2700 r=psauto-1478731079-11 h=223 r=R00000005-01-5824b6c9] ERROR Core.ServiceReqHandler - doServiceClassification: Error. Ret code=0 response list size=0


Accepted Solutions
Highlighted
Moderator

Re: config mobility controller and clearpass

OK. Look through the input tab in the access tracker request and make sure
those all match. Also, remove rule 3.


If this response is more than 1 year old, it may no longer be accurate. Please consult official Aruba documentation, TAC or your Aruba SE.

| Aruba Alumni | @timcappalli | timcappalli.me |

View solution in original post

Highlighted
Moderator

Re: config mobility controller and clearpass

Your SSID rule is likely the issue. You're searching for "secure", but the
SSID is "DigiWorld.Aruba"


If this response is more than 1 year old, it may no longer be accurate. Please consult official Aruba documentation, TAC or your Aruba SE.

| Aruba Alumni | @timcappalli | timcappalli.me |

View solution in original post

Highlighted
Moderator

Re: config mobility controller and clearpass

You have high capacity guest mode enabled. You can only use EAP-PEAP Public
in this mode.


If this response is more than 1 year old, it may no longer be accurate. Please consult official Aruba documentation, TAC or your Aruba SE.

| Aruba Alumni | @timcappalli | timcappalli.me |

View solution in original post


All Replies
Highlighted
Moderator

Re: config mobility controller and clearpass

Please post a screenshot of your service.


If this response is more than 1 year old, it may no longer be accurate. Please consult official Aruba documentation, TAC or your Aruba SE.

| Aruba Alumni | @timcappalli | timcappalli.me |

Highlighted
Occasional Contributor II

Re: config mobility controller and clearpass

Service.PNG

Highlighted
Moderator

Re: config mobility controller and clearpass

OK. Look through the input tab in the access tracker request and make sure
those all match. Also, remove rule 3.


If this response is more than 1 year old, it may no longer be accurate. Please consult official Aruba documentation, TAC or your Aruba SE.

| Aruba Alumni | @timcappalli | timcappalli.me |

View solution in original post

Highlighted
Occasional Contributor II

Re: config mobility controller and clearpass

Hi, All this information is correct, I removed rule 3 and is the same

 

Input.PNG

Highlighted
Moderator

Re: config mobility controller and clearpass

Your SSID rule is likely the issue. You're searching for "secure", but the
SSID is "DigiWorld.Aruba"


If this response is more than 1 year old, it may no longer be accurate. Please consult official Aruba documentation, TAC or your Aruba SE.

| Aruba Alumni | @timcappalli | timcappalli.me |

View solution in original post

Highlighted
Occasional Contributor II

Re: config mobility controller and clearpass

Hi, All this information is correct, I removed rule 3 and is the same.

Logs:

ERROR RadiusServer.Radius - rlm_service: Service Categorization failed

 

ERROR Core.ServiceReqHandler - doServiceClassification: Error. Ret code=0 response list size=0

 

ERROR RadiusServer.Radius - rlm_service: Policy Server result = 65535, msg = Service classification failed

Input.PNG

Highlighted
Occasional Contributor II

Re: config mobility controller and clearpass

Thanks a lot, I solved it and now I get this

 

ERROR RadiusServer.Radius - rlm_peap: Configured for public mode, but request username hrojas does not match public username public, rejecting

 

How can I config the Authentication without public mode?

 

 

Highlighted
Moderator

Re: config mobility controller and clearpass

If you're not using EAP-PEAP-Public, remove EAP-PEAP-Public from the
authentication methods list and add EAP-PEAP.


If this response is more than 1 year old, it may no longer be accurate. Please consult official Aruba documentation, TAC or your Aruba SE.

| Aruba Alumni | @timcappalli | timcappalli.me |

Highlighted
Occasional Contributor II

Re: config mobility controller and clearpass

Yes, but I dont't have that choise. Can't I use EAP-MSChap2?

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: