05-07-2014 08:37 PM - last edited on 05-13-2014 06:32 PM by Jamie E
I am new with aruba AP and hopefully experts and more experience users in this forum can help me. I have IAP 225 and clearpass installed but I don't have aruba mobility controller so basically using virtual controller built in IAP 225. At the moment, IAP 225 is running fine and i have configured it to work 2 SSID (employee and guests). My questions or tasks:
1. How do I configure to IAP 225 to communicate with clearpass? I have seen lots of documentation for clearpass but not for the IAP configuration.
My understanding is, i need to setup radius server with in IAP and create share secret, then use that credential in clearpass. I have created a radius server in IAP from menu System > Admin > Local : i have create a radius. are my steps and understanding are correct?
2. All the configuration (employee and guestes roles, access, setting) from IAP 225 will it be useless once I have it connected to clearpass? if so, then i will need to configure my clearpass with all the setting prior joining IAP to clearpass, is that correct?
3. I have seen this steps from the forum:
is that the correct steps even though some of the steps meant to be for aruba mobility controller?
Thank you for assisting with this.
05-08-2014 02:43 AM
-If you have a cluster I recommend that you assign an IP address to the Virtual Controller under the systems tab this will the address you as a radius client in ClearPass
-Enable dynamic radius proxy under system settings
- Then add the clearpass server as a radius server in the security settings
- add VC address in the device list matching the same key
- create two services for each network (guest and employee )
Lead Mobility Engineer @ Integration Partners
AMFX | ACMX | ACDX | ACCX | CWAP | CWDP | CWNA
05-08-2014 03:22 AM
If the roles you pass back from clearpass match roles on a controller or IAP cluster then the user will be placed into those roles - so no your roles will not be useless, they will work as they did before.