WLC/LWAPPs/IAS AAA error.

Answered Question
Sep 18th, 2008

Hi,

I got a WLC4404 running software version 5.1.151.0 with 40 LWAPPs (mostly 1242AG). We got new Dell Latitude E6500 Laptops with Intel 5100 NICs. After upgrading the bios to the latest version and installing the latest wlan driver, wireless is working the most time.

After about 4 reboots I see the following message in the WLCs logfile: "Thu Sep 18 13:53:10 2008 AAA Authentication Failure for UserName:host/hostname.domain.name User Type: WLAN USER".

After I disable the wlan-card, it's working again. Could someone interpret this message or has an solution?

I have this problem too.
0 votes
Correct Answer by Scott Fella about 8 years 1 month ago

On the client side, make sure you don't check validate machine. That should do it.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (2 ratings)
Loading.
Scott Fella Thu, 09/18/2008 - 18:27

That is a normal failure error when a user is not found in either the radius or the database the user is in. Is the wlan driver you used the recommended driver by the laptop manufacturer or is it the latest driver by the card manufacturer? You should follow the laptop manufacturer's recommended version. If you have more issues now with the driver version, then I would recommend you install the previous driver.

simonbaumann Fri, 09/19/2008 - 01:37

I've went back to the orginal Dell Driver, but it's the same as Intel. So, what I assume: maybe it's a problem with the enabled fast raoming in the client settings?

simonbaumann Mon, 10/13/2008 - 01:04

My log from the IAS shows the following error: 65 = IAS_DIALIN_DISABLED. Hmm, the policy allows the dialin. Someone got an idea where to fix it?

simonbaumann Mon, 10/13/2008 - 03:03

I think I've got an idea where the error comes from: the affected maschines try to authenticate using its computer account, not the user account. Hmm...

Correct Answer
Scott Fella Mon, 10/13/2008 - 03:34

On the client side, make sure you don't check validate machine. That should do it.

simonbaumann Mon, 10/13/2008 - 06:11

Thanks, fella5! It's working now. Could you explain that setting to me? The clients get the certificate via GP, so I don't understand that error.

Actions

This Discussion

 

 

Trending Topics - Security & Network