Skip to main content

7 Messages

 • 

130 Points

Thu, Aug 16, 2018 9:32 AM

About 802.11x + RADIUS configuration

Currently I have WLANS "RADIUS" with 802.1x , AAA server "RADIUS" and I can connect this with my laptop and mobile device.

Then I want to create new WLANS "OFFICE" with 802.1x and same AAA server.

But I was failure to connect ....

If I changed 802.1x to open, I can connect to "OFFICE".

Thus what's the reason of the connection ?

Thanks

Responses

19 Messages

 • 

360 Points

2 years ago

Hi Law,

In theory, that should work. However, we would need to know more details to understand what you might be running into. You mentioned that "RADIUS" WLAN works with same AAA server but "OFFICE" does not. Can you try a simple test (assuming this is in the lab), where you delete the "RADIUS" WLAN and try only the "OFFICE"? It would be interesting to see the result. Also, can you let us know the version of ZoneDirector and AP?

7 Messages

 • 

130 Points

Hi Roberto,

As I checkd for RADIUS server, authentication succeed.

But I found error below error from event log of user's laptop pc.

"Reason: Dynamic key exchange did not succeed within configured time
Error: 0x0)"

Any idea ?

Thanks

19 Messages

 • 

360 Points

7 Messages

 • 

130 Points

Hi Roberto,

Just tried failure to connect even using mobile device.

19 Messages

 • 

360 Points

Have you tried the "Testing Authentication" utility? Also, what model and version of ZoneDirector are you running? Did you try to remove the "RADIUS" WLAN as suggested?

Here is how you can try the "Testing Authentication" utility.

1. On the Configure > AAA Servers page, locate the Test Authentication Settings section.
2. Select the authentication server that you want to use from the Test Against drop-down menu.
3. In User Name and Password, enter an Active Directory, LDAP or RADIUS user name and password.
4. Click Test.

If ZoneDirector was able to connect to the authentication server and retrieve the configured groups/attributes, the information appears at the bottom of the page. The following is an example of the message that will appear when ZoneDirector:

* authenticates successfully with the server:
Success! Groups associated with this user are “{group_name}”. This user will be assigned a role of {role}.

If the test was unsuccessful, there are three possible results (other than success) that will be displayed to inform you if you have entered information incorrectly: • Admin invalid • User name or password invalid • Search filter syntax invalid (LDAP only) 

7 Messages

 • 

130 Points

Hi Roberto,

Since "RADIUS" is in production, I don't want any impact on it this moment.

For "Test Authentication", should I use "william.law" as user name for testing ?

If yes, even working AAA server also failure.

Only succeed on "Active Directory"



19 Messages

 • 

360 Points

2 years ago

Based on the message you provided, it seems to be a problem between zonedirector and radius server. What Radius server are you using? Can you look at the logs of the Radius server and see what is telling you. A couple of things I can think are. "Shared secret" not matching. The incorrect IP address defined in the Radius configuration (on the radius server side). Invalid userna/password. To know all of this, we would need to know what radius server you are using.

7 Messages

 • 

130 Points

2 years ago


Hi Roberto,

Finally, my laptop PC available to connect after I added to "Default" role.

I would like to know if I want this SSID to connect with "Operator" role, how to control it under WLAN ?

Thanks


19 Messages

 • 

360 Points

2 years ago

HI Law,

The instructions can be found on the manual page 210. Here is the link.

https://ruckus-support.s3.amazonaws.com/private/documents/223/ZoneDirector_9.5_User_Guide_-_Rev_C_-_...

Regards,
 _Roberto H


7 Messages

 • 

130 Points

Hi Roberto,


It's couldn't been download.