There is none radsec proxy server in current DA domain, the candidate number is 1

  • 2
  • Question
  • Updated 3 years ago
I am seeing the following Alarm: "There is none radsec proxy server in current DA domain, the candidate number is 1 "
On AP330 runnnig HiveOS Version 6.4r1a.2103.  The alarm came in Monday (today), Sunday, yesterday I updated the HiveOS to 6.4r1.  
Not sure what could be causing this, any troubleshooting advise.
Photo of Jack Willis

Jack Willis

  • 1 Post
  • 0 Reply Likes

Posted 3 years ago

  • 2
Photo of Luke Harris

Luke Harris

  • 265 Posts
  • 18 Reply Likes
I've just upgraded to HM 6.5r1 and seem to be seeing same alarm on a number of AP's. More worryingly two of my 3 sites that make use of ID Manager are no longer electing ID Manager proxy servers which means authentication now doesn't work. 

Can I manually elect a proxy or is there anyway in which this election is biased etc.?
Photo of Nick Lowe

Nick Lowe, Official Rep

  • 2491 Posts
  • 451 Reply Likes
Have you ensured that all your APs have an accurate clock?

From the CLI, run:

show clock

show ntp
Photo of Luke Harris

Luke Harris

  • 265 Posts
  • 18 Reply Likes
From the ones I've just checked. Yes the time is correct and NTP is working correctly.
Photo of Luke Harris

Luke Harris

  • 265 Posts
  • 18 Reply Likes
Photo of Nick Lowe

Nick Lowe, Official Rep

  • 2491 Posts
  • 451 Reply Likes
Do you get anything interesting from:

_debug radsec
debug console
Photo of Luke Harris

Luke Harris

  • 265 Posts
  • 18 Reply Likes
It just looks like normal traffic to me...nothing that would suggest authentication or send failures. I more concerned by the fact that one of my sites is showing nearly all the AP's in a certain area as ID Manager proxy servers. I've never seen that sort of behavior before. Also on one of the other sites that also makes use of ID Manager, no proxies have been elected so it doesn't work...
Photo of Nick Lowe

Nick Lowe, Official Rep

  • 2491 Posts
  • 451 Reply Likes
Perhaps worthy of a support case. I am not intimately familiar with Aerohive's implementation in this area.
(Edited)
Photo of Luke Harris

Luke Harris

  • 265 Posts
  • 18 Reply Likes
Hmm, it's certainly very disheartening. We have recently purchased new AP's which require this version of Hive OS to be supported.