10-17-2013 10:13 AM - edited 10-17-2013 10:18 AM
One of our clients has an SSID that uses an external LDAP server for authentication. And they have asked if it is possible to enable MAC Authentication, before the 802.11x authentication happens. From what I have read in the User Guide this should be possible in certain scenarios.
Unfortunately I haven't been able to make it work in our lab environment, which is set up like this:
- WLAN Authentication is WPA2-Enterprise PEAP-GTC
- The users authenticate against an Active Directory (LDAP)
- I have added the allowed MAC addresses to the Aruba Instant User Database.
I have been able to set up MAC Authentication an WPA2 Pre Shared Key, but not this scenario.
When setting up WPA2 PSK I'm able to select which authentication server I'll use for the MAC addresses (as shown in the screenshot 2), but not when using WPA2-Enterprise (on the other screenshot 1)
We are running an IAP 135 cluster with version 188.8.131.52-184.108.40.206.
Is it possible to use both LDAP Authentication to an external server and Mac Authentication (Internal Aruba Instant User DB) on the same SSID at the same time? Is there another way to do this?
11-24-2015 02:44 PM
I'm running ArubaOS on a 7005-Controller based solution with AP214's. I want to use LDAP to authenticate MAC addresses and users. Preferably, to add the MAC address in some additional field in LDAP vs. separate MAC address accounts, but right now, getting this to work with separate MAC address accounts is doable.
It does appare the MAC address is successfully authenticated via LDAP, but the LDAP service is unable to assign derivation (?). The user doesn't seem to be authenticated after the MAC address succeeds. AT least nothing shows in the logs to indicate that it does.