Wireless Access

Occasional Contributor I

IOS VIA client and IKEv2


I am testing the VIA client for the IOS devices , so far I was able to connect using the IKEv1 , however when I am trying to use the IKEv2 it does not work , debug logs below (truncated )



<INFO> |ike| IKEv2 EAP-Authentication succeeded for (External
<DBUG> |ike| authR_out
<DBUG> |ike| <-- R#SEND 80 bytes to (141462.633)
<DBUG> |ike|> udp_encap_handle_message ver:2 serverInst:0 pktsize:96
<DBUG> |ike|> IKE_EXAMPLE_IKE_msgRecv: ip:46d4843c port:2585 server:0 len:96 numSkts:4
<DBUG> |ike|>
<DBUG> |ike|> #RECV 96 bytes from at (141463.397)
<DBUG> |ike|> spi={a5532491ad71f9ce a79bb49f91ea615a} np=E{AUTH}
<DBUG> |ike|> exchange=IKE_AUTH msgid=6 len=92
<DBUG> |ike|> IKE2_xchgIn
<DBUG> |ike|> IKE2_newXchg oExchange:35 bReq:0 dwMsgId:6
<DBUG> |ike|> IKE2_newXchg before delXchg
<DBUG> |ike|> authR_in
<DBUG> |ike|> --> R AUTH_i aa 69 73 af 3e 89 cf 02 44 87 48 c2 98 3a 5b 34 8a 62 22 c7
<DBUG> |ike|> x 46 6c 4d ee 6a 55 e1 90 a9 71 e6 1d fc 56 e8 36 fd 62 81 6c
<DBUG> |ike|> ike2_state.c (6968): errorCode = ERR_IKE_BAD_HASH
<DBUG> |ike|> OutCp entered
<DBUG> |ike|> <-- R Notify: AUTHENTICATION_FAILED (IKE)#SEND 80 bytes to (141463.398)
<DBUG> |ike|> cleanup_and_free_context delete ctx memory
<DBUG> |ike|> udp_encap_handle_message IKEv2 pkt status:-8910


I see the controller talking the the RADIUS , the username and passwd are correct , the servers certs for RADIUS and Aruba are both issued by the same CA .


Has anyone seen that kind of the problem before ?

Any help will be greatly appreciated.






Search Airheads
Showing results for 
Search instead for 
Did you mean: