Wired Intelligent Edge

last person joined: 7 hours ago 

Bring performance and reliability to your network with the HPE Aruba Networking Core, Aggregation, and Access layer switches. Discuss the latest features and functionality of your switching devices, and find ways to improve security across your network to bring together a mobile-first solution
Back to discussions
Expand all | Collapse all

Aruba OS 8.3.0.1 - problem self-signed cert for CPsec, AP 303 as Campus

This thread has been viewed 2 times

  • 1.  Aruba OS 8.3.0.1 - problem self-signed cert for CPsec, AP 303 as Campus

    Posted Jul 05, 2018 11:37 AM

    Hi

    We have installed virtual controller with 8.3.0.1 soft and campus AP 303.

    We have problem with connecting AP to VMC with CPSec. We can provision APs and then they are rebooting twice and after that there is an error in Logs and this process starts once more i loop and so on.

     

    In logs we have:

    Rebooting: Unable to set up IPSec tunnel to saved lms, Error:RC_ERROR_ISAKMP_N_CERT_SELFSIGNED_VERIFY_FAILED

     When we turn off CPSec Everything is ok - APs starts and join controller normally.

     

    Someone has similar problem ? Any help will be very appreciated. 

     

    I have tried to genertae new self-sined cert, but without effect. I have also tried to change whitelist-db cert state - the same. 

    APs and controler are in the same vlan - directly connected.

     

    best regards

     

    Karol

     

     

     



  • 2.  RE: Aruba OS 8.3.0.1 - problem self-signed cert for CPsec, AP 303 as Campus

    Posted Jun 02, 2019 05:16 AM

    Did you ever solve this?  I'm having the same issue - APs connect fine to a HW controller but fail to VMC with the same error message you see.



  • 3.  RE: Aruba OS 8.3.0.1 - problem self-signed cert for CPsec, AP 303 as Campus

    Posted Jun 02, 2019 05:14 PM

    Hi

     

    Yes, the problem was resolved in new firmware version 

    At this moment I have 8.4.0.0 and it is working fine 

    What version do You have ?

     

    regards

     

    Karol



  • 4.  RE: Aruba OS 8.3.0.1 - problem self-signed cert for CPsec, AP 303 as Campus

    Posted Jun 03, 2019 06:18 AM

    I'm using 8.5.0.0 currently... bleeding edge so maybe a bug, still troubleshooting.



  • 5.  RE: Aruba OS 8.3.0.1 - problem self-signed cert for CPsec, AP 303 as Campus

    Posted Jun 03, 2019 08:07 AM

    Hi

     

    So realy strange

    So try to downgrade to 8.4.0.0. I have not yet tested  AP 303 on 8.5.0.0

     

    The other difference maybe I have standalone version on VMWare

     

    Be careful also about configuration in VMware. You must gone through all recommendation that are in Installation Guide (promiscous mode and so on) 

    I had also problem with wrong configuration of virtual environmemt. Physical NIC was aggregated but only from server site not from switch site, which was not correct.

     

    regards

     

    Karol



  • 6.  RE: Aruba OS 8.3.0.1 - problem self-signed cert for CPsec, AP 303 as Campus

    MVP GURU
    Posted Aug 06, 2019 08:56 AM

    There is no TPM (and Certificate) on Controller vm..



  • 7.  RE: Aruba OS 8.3.0.1 - problem self-signed cert for CPsec, AP 303 as Campus

    Posted Aug 13, 2019 04:54 PM

    Hi alagoutte

     

    Thank You for info 

     

    regards

     

    Karol