Extreme Networks

patkszen · ‎05-10-2019

Having some problems on our guest wifi lately. Users are not able to connect on some occasions, we use ID Manager so PSK are issued and handed over to users.

Monitor function in Hive Manager is not giving any clues. I have ran a debug on one of the AP's that's being selected as a radsec proxy and found the below:

<28>1 2019-05-10T14:29:59.012839+00:00 aerohive radsecproxy[13556]: connecttcphostlist: trying to open TCP connection to auth.aerohive.com port 80

<28>1 2019-05-10T14:29:59.030908+00:00 aerohive radsecproxy[13556]: connecttcphostlist: TCP connection to auth.aerohive.com port 80 up

<27>1 2019-05-10T14:29:59.032792+00:00 aerohive radsecproxy[13556]: tlsconnectnonblock failed

Is it something that we should start looking into

APs are 130 ver HiveOS 8.1r2a.178408 , hive manager on prem

patkszen · ‎05-15-2019

Checked on the firewall and logs from my first post correlate with the below

this occurs every second. It seems that ID Manager resets each one of these attempts, is it some sort of keep alive mechanism?

I'm not sure whether "tlsconnectnonblock failed" entry of the log indicates issues or normal behaviour?

patkszen · ‎05-13-2019

We'll check FW. Also why are AP's trying to communicate with auth.aerohive.com on tcp 80? I thought all the communication between auth.aerohive.com and radsec proxies would be over 2083? Another thing I have noticed is that other AP's (no radsec proxies) are trying to reach auth.aerohive.com, not sure why

ashley_finch · ‎05-10-2019

Hi Patryk,

Usually a connection block of that sort is a firewall issue. I'd check on the firewall to see if you can see traffic being blocked. If this is the same as Cloud, IDM uses port 2083.