AAA, NAC, Guest Access & BYOD

Authenticate IAP management users via CPPM using generic Radius service

Aruba Employee

This article talks about authenticating IAP management users against AD using a generic Radius service on CPPM.

 

Environment : This works best on CPPM 6.2 version.

 

Below are the detailed steps.

1: Adding Aruba IAP as NAD device on CPPM.

Navigate to Configuration > Network > Devices

Click Add Device

Add the device as shown below.

rtaImage.png

The Vendor name should be selected as Aruba and COA enabled.

Also 
make sure that we configure the same Radius Shared secret on the VC as well.

 

2: Integrate Aruba IAP  with CPPM

Click on "Security" and fill the below details.

rtaImage (1).png

Navigate to System - Admin and make the below configuration.

rtaImage (2).png

3: Configuration of CPPM

Navigate to "Configuration » Start Here" and use the default "RADIUS Enforcement ( Generic )" service.

rtaImage (3).png

Add the NAD-IP-Address as the IP of your IAP.

rtaImage (4).png

Add the Authentication methods as "PAP" and the Authentication source can be AD or LDAP server.

As this just a generic service we can skip configuration of Roles and provide a sample allow all access.

rtaImage (5).png

Save and exit the configuration.

Version history
Revision #:
1 of 1
Last update:
‎07-11-2014 09:31 AM
Updated by:
 
Labels (1)
Contributors
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: