Aruba Instant & Cloud Wi-Fi

Reply
New Contributor
Posts: 2
Registered: ‎05-06-2014

IAP 225 and clearpass

[ Edited ]

Hi All,

 

I am new with aruba AP and hopefully experts and more experience users in this forum can help me.  I have IAP 225 and clearpass installed but I don't have aruba mobility controller so basically using virtual controller built in IAP 225.  At the moment, IAP 225 is running fine and i have configured it to work 2 SSID (employee and guests).  My questions or tasks:

 

1. How do I configure to IAP 225 to communicate with clearpass? I have seen lots of documentation for clearpass but not for the IAP configuration.

 

My understanding is, i need to setup radius server with in IAP and create share secret, then use that credential in clearpass.  I have created a radius server in IAP from menu System > Admin  > Local : i have create a radius.  are my steps and understanding are correct?

 

2. All the configuration (employee and guestes roles, access, setting) from IAP 225 will it be useless once I have it connected to clearpass? if so, then i will need to configure my clearpass with all the setting prior joining IAP to clearpass, is that correct?

 

3. I have seen this steps from the forum:

 

http://community.arubanetworks.com/t5/AAA-NAC-Guest-Access-BYOD/Howto-Authenticate-to-an-Aruba-Controller-via-Clearpass-and/td-p/94828

 

is that the correct steps even though some of the steps meant to be for aruba mobility controller?

 

Thank you for assisting with this.

 

herry

MVP
Posts: 4,114
Registered: ‎07-20-2011

Re: IAP 225 and clearpass

IAP Config:
-If you have a cluster I recommend that you assign an IP address to the Virtual Controller under the systems tab this will the address you as a radius client in ClearPass
-Enable dynamic radius proxy under system settings
- Then add the clearpass server as a radius server in the security settings

Clearpass
- add VC address in the device list matching the same key
- create two services for each network (guest and employee )
Thank you

Victor Fabian
Lead Mobility Engineer @ Integration Partners
AMFX | ACMX | ACDX | ACCX | CWAP | CWDP | CWNA
Super Contributor II
Posts: 429
Registered: ‎01-19-2011

Re: IAP 225 and clearpass

If the roles you pass back from clearpass match roles on a controller or IAP cluster then the user will be placed into those roles - so no your roles will not be useless, they will work as they did before.

New Contributor
Posts: 2
Registered: ‎05-06-2014

Re: IAP 225 and clearpass

thank you all for the response, much appreciated . I will give it another go.

Search Airheads
Showing results for 
Search instead for 
Did you mean: