beautypg.com

Radius server does not start upon enable, Radius server does not reply to my requests, Radius server is rejecting the user – Brocade Mobility RFS7000-GR Controller System Reference Guide (Supporting software release 4.1.0.0-040GR and later) User Manual

Page 530: Time of restriction configured does not work, Authentication fails at exchange of certificates

background image

516

Brocade Mobility RFS7000-GR Controller System Reference Guide

53-1001944-01

Security issues

B

RADIUS Server does not start upon enable

Ensure the following have been attempted:

Import valid server and CA certificates

Add a RADIUS client in AAA context

Ensure that key password in AAA/EAP context is set to the key used to generate imported
certificates

DO NOT forget to SAVE!

RADIUS Server does not reply to my requests

Ensure the following have been attempted:

Add a RADIUS client in RADIUS server configuration with the Switch’s VLAN interface, IP
address and subnet, which have been marked as management

Save the current configuration

Ensure that the WLAN settings haves been set to use the on-board/local RADIUS server by
entering the local IP address or the switch management VLAN IP address

RADIUS Server is rejecting the user

Ensure the following have been attempted:

Verify a SAVE was done after adding this user.

Is the user present in a group?

If yes, check if the Wlan being accessed is allowed on the group

Check if time of access restrictions permit the user.

Time of Restriction configured does not work

Ensure that date on the system matches your time.

Authentication fails at exchange of certificates

Ensure the following have been attempted:

Verify that valid certificates were imported.

If the Supplicant has "Validate Server Certificate" option set, then make sure that the right
certificates are installed on the MU.

When using another Brocade Mobility RFS7000-GR Controller (switch 2) as
RADIUS server, access is rejected

Ensure the following have been attempted:

Make sure that the user, group and access policies are properly defined on switch 2

Add a AAA client on switch 2 with a VLAN interface IP address which can communicate with
switch 1

Save the current configuration

See also other documents in the category Brocade Computer Accessories: