I tried to remove external radius server object from HM. But when i try to remove the object, it will give following error . "The External RADIUS Server cannot be removed because it is used by another object (RADIUS Client Object Entry). Please disassociate references from other configuration items before removing the item."
I don't find any RADIUS Client Object Entry in HM
Can any expert help me out here
Solved! Go to Solution.
If all of your APs are showing a green check mark next to the host name on the Monitor page, then you'll just want to click on that green check mark, which will open the audit view. You'll want to go to the Complete tab in the audit view, and check the output shown there to see what Radius object it has in use. We'll only need this from one AP per network policy you have deployed, again as long as all APs are fully updated currently. If they are not fully updated, we'll want to push a complete configuration, and then try to delete the Radius object again. If you're unable to push a complete configuration, we'd have to SSH in to each AP and run the commands "console page 0" and "show run", and then check that output for the Radius server in use.
Nicholas described the solution to get around this!
The core of this is, that web user interface lets you edit "External RADIUS Servers"(Configure/Common Objects/Aujtentication), but not "RADIUS Server groups".
"RADIUS Server groups" is what you actually apply to the Authentication Settings of an SSID with Enterprise Authentication.
AFAIK this is the only place where you can configure "RADIUS Server Groups", though the interface is titled "Configure RADIUS Servers" (IMHO this should be changes to something like "Configure RADIUS server group").
Here are the steps how to reproduce that problem (applies to 22.214.171.124-NGVASEP18 ... that's on-prmisses, not the cloud version)
You will find that objects you did not select for your Group (step 6) can easily be deleted.
Those you did select, cannot be deleted with error: "The External RADIUS Server cannot be removed because it is used by another object (RADIUS Client Object Entry). Please disassociate references from other configuration items before removing the item."
The "Used by" in this table is empty of course.
The only way to delete these objects is as Nicholas described:
Create a new SSID with Enterprise authentication and click on the "select"-icon next to "Default RADIUS Server Group". Here you can see the group you created and are able to delete it.
Once you have done that, you are also able to delete your External RADIUS Server objects.
I hope AeroHive will improve this. IMHO The groups must be editable under COMMON OBJECTS/AUTHENTICATION.
Thanks for the instructions, yet i have still the problem, that i cant delete the Radius Server Group, even if i ,as you described create a new SSID (in Enterprise mode). The error message still remains the same. Is there any way to fix this?
Thanks in advance for your help! 🙂
(I am using the cloud version of Cloud IQ)
Based on the error message given by Prashan, there is a RADIUS Server Group object that is still using the servers you are trying to delete. You would want to go into a RADIUS SSID(or create one) then use the Select icon next to RADIUS Server Groups. From here, you can delete the groups, freeing the RADIUS Server for deletion from Common Objects.