cancel
Showing results for 
Search instead for 
Did you mean: 

Onboarding (Zero IT) with vSZ. Authentication issue.

niklas_ejderfj_
New Contributor II
Hi,
We are trying to set up a BYOD WLAN with Onboarding (Zero IT) but cant seem to get the register device authentication to work.

Ruckus Support have spent a lot of time to try to help with this issue remotely. They have verrified that our vSZ is configured correct and that our NPS (2012) which we use as RADIUS-server have the right policies.

Despite this we cant get the authentication to work. 
When we try to authenticate in the register device portal we get "Internal server error".
The NPS logs 2 events every time; 6278 and 6272. Both with Audit Success. Both logs says that the user is granted full network access and match the policy we have set up for Secure Wireless Connection.

Ruckus Support ran a tcpdump on our vSZ to see what traffic passes during authentication and there we can see an Access Reject " Access Reject (3), id: 0x0d, Authenticator:xxxxxxxx"

vSZ is located externally and our NPS is local.
On NPS side we have port 1812 and 1813 open and we have all ports open for vSZ services on that side.

According to Ruckus Support the issue is on our RADIUS side but I cant seem to figure out where to contiune troubleshoot this as "everything is configured by the book". 

If anyone would have some suggestions or input that could point me in the right direction I would appreciate it a lot.
Thank you.
5 REPLIES 5

gerard_3770286
New Contributor III
Have you tried turning off the external firewall, and internal { vSZ firewall.}  { Redhat }.. Just to see if its something to do with the firewall settings..  Suggestion..

niklas_ejderfj_
New Contributor II
Thank you for the suggestion Gerard. We disabled the firewall completely on vSZ-side with no change. Today we will set up a seperate RADIUS server on a virtual client so we can se if it is our NPS that is causing this.

gerard_3770286
New Contributor III
What is the account back link command ( *.  )?

niklas_ejderfj_
New Contributor II
Hello Gerard,
Im not sure what you are reffering to here. Please clarify. I am not the one handling the server on vSZ side and I am not used to Linux. Thank you.