This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results forĀ 
Search instead forĀ 
Did you mean:Ā 

There is no RADSEC proxy enabled for the network, though port 2083 test is successful. Is there anything else need to be allowed from Firewall or in hivemanager for PPSK to work?

There is no RADSEC proxy enabled for the network, though port 2083 test is successful. Is there anything else need to be allowed from Firewall or in hivemanager for PPSK to work?

akshara_agarwal
New Contributor

ā€Ž09-10-2019 09:42 AM

There is no RADSEC proxy enabled for the network, though port 2083 test is successful. Is there anything else need to be allowed from Firewall or in hivemanager for PPSK to work?
0 Kudos
10 REPLIES 10

akshara_agarwal
New Contributor

ā€Ž09-11-2019 03:03 PM

2019-09-10 14:45:46 info  ah_cli: security: admin:<exec aaa idm-test radsec-proxy >

2019-09-10 14:44:32 info  ah_cli: security: admin:<exec aaa idm-test radsec-proxy >

2019-09-10 14:44:25 info  ah_cli: security: admin:<exec aaa idm-test radsec-proxy >

2019-09-10 14:43:18 info  sshd[31258]: aaa: ah_tpa_radc_conf_fetch: fetch the config for IDM_GLOBAL failed

2019-09-04 14:35:09 err   ah_capture: application: [IDM-PPSK] Fetch PPSK password from IDM failed, error code = -11

2019-09-04 14:35:09 err   ah_capture: application: [IDM-PPSK] Fetch PPSK password from IDM failed, error code = -11

 

0 Kudos

akshara_agarwal
New Contributor

ā€Ž09-11-2019 03:01 PM

Hi, Customer tried rebooting AP several times, reset AP, different FW, still the same. current version is HiveOS 8.2r4 build-207023

 

0 Kudos

ashley_finch
Contributor III

ā€Ž09-10-2019 03:23 PM

All looks normal except from the show idm which shows the IDM proxy IP as itself but the proxy status is disabled. If you push a complete upload or reboot the AP does it change at all? Which firmware version are you on?

0 Kudos

akshara_agarwal
New Contributor

ā€Ž09-10-2019 03:06 PM

show clock

2019-09-10 14:45:33 Tuesday

 

P-1-01#exec aaa idm-test rad

AP-1-01#exec aaa idm-test radsec-proxy 

The Aerohive device establish a TCP session with the ID Manager auth gateway successfully.

AP-1-01#

AP-1-01#_show radsec elct-pool

 

DA IP address: 10.1.199.107

MGT0 IP address: 10.1.199.105

current device is DA: No

Radsec proxy function is running: No

Auto-election pool is valid: No

 

 

P-1-01#show idm

IDM client: Enabled Per SSID

IDM Proxy IP: 10.1.199.105

IDM proxy: Disabled

RadSec Certificate state: Valid

RadSec Certificate Issued: 2019-09-09 15:48:44 GMT

RadSec Certificate Expires: 2020-09-08 15:48:44 GMT

 

any suggestions please ??

 

0 Kudos

ashley_finch
Contributor III

ā€Ž09-10-2019 10:37 AM

exec aaa idm-test radsec-proxy would probably be the best command to use to verify if it can reach the service.

What is the output from 'show idm' and '_Show radsec elct-pool'

Additionally if you do a "show clock" command, is the time on the AP correct?

0 Kudos
GTM-P2G8KFN