11-04-2014 03:06 PM - last edited on 11-05-2014 06:36 AM by Isadora
I've been trying for the last 2 days to set up wpa2 enterprise with ldap for my company.
The ldap is a windows 2008 with AD role.
The iaps are in 220.127.116.11-4.0
So yesterday I managed to connect with the configured ldap from an iphone but it was still rejected from windows and linux computer.
I thought it was a problem due to certificates so I created a CA certificate and a other one for server authentication. I tried to upload them with the GUI but nothing exept the green ok popup happened. The default certificates where still there and no trace of the new ones, even in the cli.
I tried to upload the certificate from cli with the <download-cert> command but still no result.
I also tried from the reference guide the <copy tftp> commande to upload a certificate but it only made the default CA certificate disapear from the iap.
Also I reversed to backup just to see that the default ca certificate is still nowhere and my uploaded ones still completely invisible.
While searching through the forum I read that certificate was not mandatory for wpa2 enterprise with ldap is that correct? In that case I will start looking away from the certificates. But there still would be the probleme of the fail uploads.
Thanks for reading.
I was using 2 iap while making the configuration and it appear one is almost working with wpa2 enterprise while the other is not. Iphone android and linux station manage to autenticate but windows station won't. Probably because the default ca certificate is missing from the iap.
here are the debut auth log from the iap.
a success auth
Nov 5 11:22:43 station-up 2 4 server rejected
11-06-2014 06:14 PM
Windows devices do not work if you are pointing to an LDAP server for authentication for 802.1x unless you install special software on them. Androids and iPHones have that special software (supplicant), so they will abe able to authenticate. Windows devices do not have that software. The ultimate solution is to configure a radius server on Windows and point the IAP to that server:
Please see the thread here for details on why it will not work on windows computers: http://community.arubanetworks.com/t5/Aruba-Instan
You can also check out the thread here http://community.arubanetworks.com/t5/Community-Tr
Aruba Customer Engineering
Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base
Validated Reference Design Guides : http://community.arubanetworks.com/t5/Validated-Reference-Design/tkb-p/Aruba-VRDs