beautypg.com

Troubleshooting radius accounting issues, Rogue ap detection troubleshooting, Authentication using ldap fails – Brocade Mobility RFS7000-GR Controller System Reference Guide (Supporting software release 4.1.0.0-040GR and later) User Manual

Page 531

background image

Brocade Mobility RFS7000-GR Controller System Reference Guide

517

53-1001944-01

Rogue AP detection troubleshooting

B

Authentication using LDAP fails

Ensure the following have been attempted:

Is LDAP server reachable?

Have all LDAP attributes been configured properly?

Dbtype must be set to LDAP in AAA configuration

Save the current configuration

VPN Authentication using onboard RADIUS server fails

Ensure the following have been attempted:

Ensure that the VPN user is present in AAA users

This VPN user MUST NOT added to any group.

Save the current configuration

Accounting does not work with external RADIUS Accounting Server

Ensure that accounting is enabled.

Ensure that the RADIUS Accounting server reachable

Verify that the port number being configured on accounting configuration matches that of
external RADIUS Accounting Server

Verify that the shared secret being configured on accounting configuration matches that of
external RADIUS Accounting Server

Troubleshooting RADIUS Accounting issues

Use the following guidelines when configuring RADIUS Accounting

The RADIUS Accounting records are supported for clients performing 802.1X EAP based
authentication or using the Hotspot functionality.

The user name present in the accounting records, could be that of the name in the outer
tunnel in authentication methods like: TTLS, PEAP.

If the switch crashes for whatever reason, and there were active EAP clients, then there would
be no corresponding STOP accounting record.

If using the on-board RADIUS Accounting server, one can delete the accounting files, using the
del command in the enable context.

If using the on-board RADIUS Accounting server, the files would be logged under the path:
/flash/log/RADIUS/radacct/

Rogue AP detection troubleshooting

Brocade recommends adhereing to the following guidelines when configuring Rogue AP detection:

Basic configuration required for running Rogue AP detection:

Enable any one of the detection mechanism.

See also other documents in the category Brocade Computer Accessories: