Wireless Access

last person joined: 20 hours ago 

Access network design for branch, remote, outdoor, and campus locations with HPE Aruba Networking access points and mobility controllers.
Back to discussions
Expand all | Collapse all

Error 419

This thread has been viewed 0 times

  • 1.  Error 419

    Posted Jan 23, 2012 04:27 PM
      |   view attached

    Hi,

     

    i'm trying to connect a laptop with the VIA software to one of my controller.

     

    I have never used this software before so i have made all the steps mentioned in the manual but when i try to connect i get an 419 error (ISAKMP could not be initialized). Anyone esle had this error before.

     

    Thank you very much!

     

    PS:

     

    Now i have played a bit with the pre-shared keys and so on. Now  i have another error (see screenshot).



  • 2.  RE: Error 419

    EMPLOYEE
    Posted Jan 23, 2012 07:58 PM

    What version of ArubaOS?



  • 3.  RE: Error 419

    Posted Jan 24, 2012 01:11 AM

    Hi,

     

    6.1.2.4



  • 4.  RE: Error 419

    EMPLOYEE
    Posted Jan 24, 2012 05:04 AM

    Do you have the PEF-VIA license and are you allowing both UDP4500 and TCP443 inbounds to the controller?

     



  • 5.  RE: Error 419

    Posted Jan 24, 2012 05:18 AM

    Yes i have installed the license and forwarded both ports to the controller



  • 6.  RE: Error 419

    EMPLOYEE
    Posted Jan 24, 2012 06:22 AM

    That is a fairly generic error message.  If you want quick help, you should open a TAC (support) case, because they can get access to your logs and other information that you probably cannot post here publicly.

     

    You could, on the controller's commandline ensure that the traffic is being received by the controller by doing this:

     

    show datapation session table <public ip address of via client>

     

     

     

     



  • 7.  RE: Error 419

    Posted Jan 24, 2012 11:49 AM

    The error number is 8949...

     

    I think it's not a bug but more a config-issue. I have checked the traffic with your command. The first part is a communication on port 443 and then the communications switches over to port 4500 (i think this is correct?) 



  • 8.  RE: Error 419

    EMPLOYEE
    Posted Jan 24, 2012 11:59 AM

    Okay.  Let's do some debugging on the commandline:

     

    config t
logging level debugging security subcat ike
logging level debugging security process aaa
logging level debugging security process authmgr
logging level debugging security subcat l2tp
logging level debugging security subcat vpn

     

     

    When you are trying to connect, type "show log security 50" to see what it says.



  • 9.  RE: Error 419

    Posted Jan 25, 2012 09:29 AM
      |   view attached

    Hi,

     

    i have done the debugging like you said. I have attached the output. 

    Attachment(s)

    zip
    VIA.zip   939 B 1 version


  • 10.  RE: Error 419

    Posted Jan 27, 2012 05:45 PM
    I just recently had the same problem. Make sure you have an ip address pool range defined in IPSec settings Configuration- Advanced services- VPN Services- IPSEC tab. Define an address pool Also make sure to create a route in your firewall for that range to point all that subnet traffic to the controller's IP address.


  • 11.  RE: Error 419

    EMPLOYEE
    Posted Jan 27, 2012 07:41 PM
    @Dongle3000ccm wrote:

    Hi,

     

    i have done the debugging like you said. I have attached the output. 

    The logs are inconclusive.  You should open a case with support so that they can go over your settings.