This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Problems with AP320

Problems with AP320

Go to solution
siacloud_netsec
New Contributor II

‎11-06-2019 12:56 PM

I have several AP230 APs that act as RADIUS server for WPA2 802.1X authentication (Enterprise) and works OK, but does not work OK on APs AP320.

 

In the APs320, when I try to create the "AAA User Directory" configuration, with the same user that works in the APs 230, I don't join with the APs320.

 

Any idea why?

 

The error message is:

 

The join operation was unsuccessful and has timed out. The Active Directory server might not be reachable.

 

 

Note: Not comunication problem.

0 Kudos
1 ACCEPTED SOLUTION

Go to solution
siacloud_netsec
New Contributor II

‎11-14-2019 04:33 PM

Hi,

 

I solved the problem. The problem was in NTP synchronization with DC. This caused a kerberos problem.

 

Regards.

View solution in original post

0 Kudos
4 REPLIES 4

Go to solution
siacloud_netsec
New Contributor II

‎11-14-2019 04:33 PM

Hi,

 

I solved the problem. The problem was in NTP synchronization with DC. This caused a kerberos problem.

 

Regards.

0 Kudos

Go to solution
siacloud_netsec
New Contributor II

‎11-07-2019 11:59 AM

hello,

 

we have continued to investigate. Now, the error is other: "The Aerohive RADIUS server was unable to join the Active Directory domain because its account was not found in the database, causing the login attempt to fail."

 

In capture traffic in DC, I have seen a Kerberos error: error-code: eRR-C-PRINCIPAL-UNKNOWN (6)

 

I use the same user in other APs.

 

In Windows event viewer, I don't finde any related event.

 

Any idea?

 

Thanks you so much.

0 Kudos

Go to solution
siacloud_netsec
New Contributor II

‎11-06-2019 04:10 PM

Hi,

 

Thanks for you answer.

 

I don't management AD, but I will try to get AD logs. I have seen with Wireshark that the traffic is received (and answered) in DC.

 

Regards

0 Kudos

Go to solution
samantha_lynn
Esteemed Contributor III

‎11-06-2019 03:49 PM

Do you see the join request logged in your Active Directory logs? Are there any errors or does it say the join request was successful?

0 Kudos
GTM-P2G8KFN