Hi
I just upgraded a Aruba 3200 to 6.1.3.1, because the customer wants to use VIA 2.x with MSchapv2.
The client connects to the controller as it should, downloads the profile. Authentication is done thru the Aruba and to a RADIUS checking the AD username/password.
When i try to connect the client, it fails to establish a secure session.
Last night i was able to get the connection going, but with the internal database as auth server.
Now I'm not able to get a secure connection to either internaldb or RADIUS.
When connecting to RADIUS i get this error message
Apr 18 11:00:17 isakmpd[1580]: <103063> <DBUG> |ike| 212.89.48.14:4500-> exchange=IKE_AUTH msgid=1 len=284
Apr 18 11:00:17 isakmpd[1580]: <103063> <DBUG> |ike| 212.89.48.14:4500-> spi={554d0d4da179c5e3 1aaa1073464d39ba} np=E{IDi}
Apr 18 11:00:17 isakmpd[1580]: <103063> <DBUG> |ike| 212.89.48.14:4500-> #RECV 288 bytes from 212.89.48.14(22234) at 159.171.108.70 (4283.428)
Apr 18 11:00:17 isakmpd[1580]: <103063> <DBUG> |ike| 212.89.48.14:4500-> IKE_EXAMPLE_IKE_msgRecv: ip:d459300e port:22234 server:0 len:288 numSkts:18
Apr 18 11:00:17 isakmpd[1580]: <103063> <DBUG> |ike| 212.89.48.14:4500-> ike2.c (755):errorCode = ERR_IKE_GETSA_FAIL
Apr 18 11:00:17 isakmpd[1580]: <103063> <DBUG> |ike| 212.89.48.14:4500-> udp_encap_handle_message IKEv2 pkt status:-8944
Apr 18 11:00:17 isakmpd[1580]: <103063> <DBUG> |ike| 212.89.48.14:4500-> udp_encap_handle_message ver:2 serverInst:0 pktsize:288
I'm not sure what the problem is, but as i can see there is a problem with the IKE exchange.
Does anybode have a clue to resolve this? Is there anything in the connection profile i'm missing?
Roar Fossen
#3200