Is LDAP server reachable?
●
Have all LDAP attributes been configured properly?
●
Dbtype must be set to LDAP in AAA configuration
●
Save the current configuration
●
VPN Authentication using onboard RADIUS server fails
Ensure the following have been attempted:
Ensure that the VPN user is present in AAA users
●
This VPN user MUST NOT added to any group.
●
Save the current configuration
●
Accounting does not work with external RADIUS Accounting server
Ensure that accounting is enabled.
Ensure that the RADIUS Accounting server reachable
●
Verify that the port number being configured on accounting configuration matches that of external
●
RADIUS Accounting Server
Verify that the shared secret being configured on accounting configuration matches that of external
●
RADIUS Accounting Server
Troubleshooting RADIUS Accounting Issues
Use the following guidelines when configuring RADIUS Accounting
The RADIUS Accounting records are supported for clients performing 802.1X EAP based
●
authentication or using the Hotspot functionality.
The user name present in the accounting records, could be that of the name in the outer tunnel in
●
authentication methods like: TTLS, PEAP.
If the controller crashes for whatever reason, and there were active EAP clients, then there would be
●
no corresponding STOP accounting record.
If using the on-board RADIUS Accounting server, one can delete the accounting files, using the del
●
command in the enable context.
If using the on-board RADIUS Accounting server, the files would be logged under the path:
●
/flash/log/radius/radacct/
Rogue AP Detection Troubleshooting
Extreme Networks recommends adhereing to the following guidelines when configuring Rogue AP
detection:
Basic configuration required for running Rogue AP detection:
●
Summit WM3000 Series Controller System Reference Guide
509