Hi Dustin,
I am sharing with you the AAA profile of this Virtual-ap.
(BBSR-WLC-01) *[mynode] #show aaa profile Highradius-AP_aaa_prof
AAA Profile "Highradius-AP_aaa_prof"
------------------------------------
Parameter Value
--------- -----
Initial role denyall
MAC Authentication Profile Highradius-AP
MAC Authentication Default Role authenticated
MAC Authentication Server Group internal
802.1X Authentication Profile Highradius-AP_dot1_aut
802.1X Authentication Default Role guest
802.1X Authentication Server Group N/A
Download Role from CPPM Disabled
Set username from dhcp option 12 Disabled
L2 Authentication Fail Through Disabled
Multiple Server Accounting Disabled
User idle timeout N/A
Max IPv4 for wireless user 2
RADIUS Accounting Server Group N/A
RADIUS Roaming Accounting Disabled
RADIUS Interim Accounting Disabled
RADIUS Acct-Session-Id In Access-Request Disabled
XML API server N/A
RFC 3576 server N/A
User derivation rules N/A
Wired to Wireless Roaming Enabled
Reauthenticate wired user on VLAN change Disabled
Device Type Classification Enabled
Enforce DHCP Disabled
PAN Firewall Integration Disabled
Open SSID radius accounting Disabled
Apply ageout mechanism on bridge mode wireless clients Disabled
(BBSR-WLC-01) *[mynode] #
------------------------------
Sanjib Behera
Highradius
------------------------------
Original Message:
Sent: Jul 06, 2022 09:24 AM
From: Dustin Burns
Subject: User Authentication with internal DB is failed
Could you share the configuration of the AAA profile assigned to that virtual-ap profile?
------------------------------
Dustin Burns
Lead Mobility Engineer @Worldcom Exchange, Inc.
ACCX 1271| ACMX 509| ACSP | ACDA | MVP Guru 2022
If my post was useful accept solution and/or give kudos
Original Message:
Sent: Jul 05, 2022 10:32 AM
From: sanjib behera
Subject: User Authentication with internal DB is failed
HI Team,
User authentication with internal DB is failed I am getting this error user is stuck in denyall role. Please help me with how to fix this issue.
(BBSR-WLC-01) *[mynode] #show user mac 6c:94:66:13:4c:c3
This operation can take a while depending on number of users. Please be patient ....
Name: , IP: 172.26.82.191, MAC: 6c:94:66:13:4c:c3, Age: 00:00:33
Role: denyall (how: ROLE_DERIVATION_INITIAL_ROLE), ACL: 24/0
Authentication: No, status: not started, method: , protocol: , server:
Role Derivation: ROLE_DERIVATION_INITIAL_ROLE
VLAN Derivation: Default VLAN
------------------------------
Sanjib Behera
Highradius
------------------------------