Rich -
You want to make sure that the controllers are sending their IP addresses as
the NAS-IP-Address. This has to be done on each controller. If you don’t do
this, then the master IP address is sent by all the controllers and you get
this error.
The command that you want is:
ip radius nas-ip a.b.c.d
----
Charles Rumford
Network Engineer
ISC Network Operations
University of Pennsylvania
(p) 215-746-2808
(c) 267-398-7939
On Sep 20, 2013, at 10:49 AM, Rich Graves <[email protected]> wrote:
> We recently (two days before freshmen arrived, brilliant) added a second
> Aruba wireless controller (6.2.x), configured master/local. Previously they
> were an active/passive failover pair, but we now have more radios than
> licenses, so we dropped the redundancy.
>
> DeAuth is not working for clients on the second controller. PacketFence
> (3.4.x) is sending DeAuth packets to the aruba-master interface, which
> returns Disconnect-NAK: Session-Context-Not-Found. I observe that accounting
> packets sent by the secondary local controller include the aruba-master
> inferface in the NAS-IP-Address field. Is this how PacketFence knows where to
> send the DeAuth?
>
> I have "solved" the problem by hacking at SNMP.pm's radiusDisconnect() to
> retry the secondary controller's IP address if the primary returns NAK. This
> "works," but surely there's a better way.
>
> Is the Aruba master controller (ArubaOS 6.2.x) supposed to accept and forward
> DeAuth requests for its locals? Currently it's not. Should the local be
> sending its own address in the NAS-IP-Address field? How would I configure
> that? Or should PacketFence consult some mysterious oracle to know whether to
> send DeAuths to the master or the local?
> --
> Rich Graves http://claimid.com/rcgraves
> Carleton.edu Sr UNIX and Security Admin
> ------------------------------------------------------------------------------
> LIMITED TIME SALE - Full Year of Microsoft Training For Just $49.99!
> 1,500+ hours of tutorials including VisualStudio 2012, Windows 8, SharePoint
> 2013, SQL 2012, MVC 4, more. BEST VALUE: New Multi-Library Power Pack includes
> Mobile, Cloud, Java, and UX Design. Lowest price ever! Ends 9/20/13.
> http://pubads.g.doubleclick.net/gampad/clk?id=58041151&iu=/4140/ostg.clktrk_______________________________________________
> PacketFence-users mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/packetfence-users
------------------------------------------------------------------------------
LIMITED TIME SALE - Full Year of Microsoft Training For Just $49.99!
1,500+ hours of tutorials including VisualStudio 2012, Windows 8, SharePoint
2013, SQL 2012, MVC 4, more. BEST VALUE: New Multi-Library Power Pack includes
Mobile, Cloud, Java, and UX Design. Lowest price ever! Ends 9/20/13.
http://pubads.g.doubleclick.net/gampad/clk?id=58041151&iu=/4140/ostg.clktrk
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
