05-24-2016 11:45 AM
Hi all -
This is kind of complicated - so please ask for anything I may have forgotten
I have an 2 Aruba 3400 controllers and a 1 ClearPass server for authentication located at HQ, I also have an Airwave server that is still in test - not purchased yet. Most sites are connected with either a VPN tunnel or MPLS, we do have several that are not and still need the IAPs to work there too.
I'm looking to expand the current networks using IAPs. I have configured the IAP (RAP-155) to tunnel back to the controller - that's the good news. But I need to be able to utilized the Clearpass server to control access to via the certs based on it. Need to have the same SSIDs available to all users (there are 5 of them: emp, byod, tv, display, guest)
The IAPs can either communicate through the Internet or through the VPN/MPLS at each location. All users that connect to the emp ssid need to have full internal access to systems at HQ (like a wiki for example). We would like to have split tunneling on Internet traffic to make things better at the individual sites for Internet access.
We also have Apple TV's located at many of the locations that currently are not working on wireless and would like them to be accessible while people are connected to the networks
So I understand if somebody comes back and says please call TAC - that is my next step. I have been reading all of the docs I can find on IAP configuration and setup. It's a complicated little beast and just wondering if anybody else out there has tackled it or has any advice.
Appreciate the help!
05-24-2016 11:49 AM
You can also take a look at ASE which has some common configuration scenarios.
Tim Cappalli | Aruba ClearPass TME
@timcappalli | ACMX #367 / ACCX #480 / ACEAP / CWSP
06-23-2016 09:29 AM
We are working with TAC to get all this setup, we are also working with a vendor to add IAPs to lots of offices and move from our current configuration and off load the controllers. IAPs seem like a great way to go.