cancel
Showing results forĀ 
Search instead forĀ 
Did you mean:Ā 

Slow passthrough RADIUS request VX9000

Slow passthrough RADIUS request VX9000

Erwin
New Contributor
Hi all,

We use a VX9000 with 1200+ AP7522.
RADIUS requests go to a Aruba RADIUS server.
The Proxy mode for RADIUS requests is: "through-centralized-controller" so the VX9000 sends the requests to the RADIUS server.

In a attempt to use a captive portal to authenticate guest users on a guest vlan we noticed that there is a lag.
It takes the VX9000 a minimal of 50 seconds to send the request after the user entered his user/password.

Can anyone shed a light on this. We are stuck.
8 REPLIES 8

Erwin
New Contributor
Solved:
For future reference:

There was a delay of 1 minute in the config of the Clearpass captive portal.
It was overlooked by us as well as the engineer of our seller.

Andrew_Webster
New Contributor III
Just a thought, but how have you defined the hosts in the AAA policy?
If by hostname, maybe its a DNS failure of some sort?
If by IP address, is the RADIUS server attempting to do some sort of reverse-IP lookup and that is failing?
Have you taken some packet captures at the AP and the VX to see the progression of the RADIUS messages to identify where it is slowing down?

Have you opened a ticket with GTAC? That's probably the next step here.

Thanks,
Doug
Doug Hyde
Director, Technical Support / Extreme Networks

Hello Doug,

Thank you for asking and sorry i did not respond earlier.

Status:
We updated our AP's to 5.8.6.8 and used the extra VX9000 which has a minimal amount of adopted AP's. We stil have the slow response.

We used the toubleshoot / Debug Captive Portal Clients.
That gave us no new knowledge.

show event-history
gives only the association and authentication info.

Nothing in the log.

I am out of options. šŸ˜ž
GTM-P2G8KFN