Security

Hi all,

I've got a small lab cluster of iap's with a vc in which I am trying to enable dtls. Tried pretty much every setting and my cluster goes down after enabling dtls. 

• ntp server is reachable for all iap's
• auto-join is enabled and all ap's are whitelisted
• Enabled allow-low-assurance-devices
• disabled disallow-non-dtls-slaves

and in non of the logs I see any errors… kinda lost here what's happening. Only thing I have to get and not sure about is if the cluster wasn't synced yet after enabling dtls. 

Any thoughts are appreciated!

Did you find/follow the Cluster Security section in the documentation? It contains the commands to perform logging as well..

------------------------------
Herman Robers
------------------------
If you have urgent issues, always contact your Aruba partner, distributor, or Aruba TAC Support. Check https://www.arubanetworks.com/support-services/contact-support/ for how to contact Aruba TAC. Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.

In case your problem is solved, please invest the time to post a follow-up with the information on how you solved it. Others can benefit from that.
------------------------------

Original Message:
Sent: Mar 06, 2024 09:06 AM
From: Jan-Wiebe Korstanje
Subject: Dtls iap's not joining cluster

Hi all,

I've got a small lab cluster of iap's with a vc in which I am trying to enable dtls. Tried pretty much every setting and my cluster goes down after enabling dtls. 

• ntp server is reachable for all iap's
• auto-join is enabled and all ap's are whitelisted
• Enabled allow-low-assurance-devices
• disabled disallow-non-dtls-slaves

and in non of the logs I see any errors… kinda lost here what's happening. Only thing I have to get and not sure about is if the cluster wasn't synced yet after enabling dtls. 

Any thoughts are appreciated!