I recently switched our test environment from a windows based NPS to
Packetfence (with Packetfence PKI) however I am currently running into an
issue when attempting to include the two Aruba Mobility Controllers (we run
HA with dual controllers). We have one Aruba AP setup for radius and yet I
somehow get different results between my Mac and Windows clients when
attempting to connect, the Mac devices work fine but the radius.log shows
them connecting from one of the controllers, whereas the windows devices
fail to connect by saying that the switch is not managed:
Feb 13 16:05:48 VMNOCNMPAKFEN auth[5612]: Adding client 10.81.0.9/32
Feb 13 16:05:48 VMNOCNMPAKFEN auth[5612]: (255) rest: ERROR: Server
returned:
Feb 13 16:05:48 VMNOCNMPAKFEN auth[5612]: (255) rest: ERROR:
{"Reply-Message":"Switch is not managed by
PacketFence","control:PacketFence-Authorization-Status":"allow","control:PacketFence-Request-Time":1707869148}
Feb 13 16:05:48 VMNOCNMPAKFEN auth[5612]: (255) Rejected in post-auth:
[host/WindowsTestCert] (from client 10.81.0.9/32 port 0 cli
c8:34:8e:3d:f2:fd)
Feb 13 16:05:48 VMNOCNMPAKFEN auth[5612]: (255) Login incorrect (rest:
Server returned:): [host/WindowsTestCert] (from client 10.81.0.9/32 port 0
cli c8:34:8e:3d:f2:fd)
When troubleshooting this I deleted the 2 controller addresses from my
packetfence setup and now I get an error that my identifier is already in
use when trying to re-add it (this behavior continues after I reboot
packetfence via the CLI)
Hopefully someone with experience with Aruba devices can chime in here as
the documentation is a few Aruba OS's behind.
Thanks,
Reese Herber
Systems Integration Analyst
Department of Learning and Innovation
Phone: 253-530-3715
"The fusion of technology and education is the canvas on which we
paint the masterpiece of our collective future, one pixel at a time."
_______________________________________________
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users
