Re: Server Cert and Trusted CA Cert
02-03-2012 10:03 AM - edited 02-03-2012 10:03 AM
Tried different browser, still don't see it. Here's a screenshot:
http://s17.postimage.org/pgo7zrhhr/EAPTLS.jpg
The option doesn't come up in the CLI either.
(WLC#1) (802.1X Authentication Profile "TEST-dot1x_prof") #termination inner-eap-type ?
eap-gtc       Select EAP-GenericTokenCard as the inner authentication protocol
eap-mschapv2  Select EAP-MSCHAPV2 as the inner authentication protocol
I'm using 5.0.4.3. Are you aware of any issues with this version?
Re: Server Cert and Trusted CA Cert
02-03-2012 10:08 AM
Both ArubaOS_5.0CRG and ArubaOS_6.0CRG only mention EAP-GTC and EAP-MS-CHAPv2.
Re: Server Cert and Trusted CA Cert
02-03-2012 10:09 AM
arubamonkey wrote:
Tried different browser, still don't see it. Here's a screenshot:
http://s17.postimage.org/pgo7zrhhr/EAPTLS.jpg
The option doesn't come up in the CLI either.
(WLC#1) (802.1X Authentication Profile "TEST-dot1x_prof") #termination inner-eap-type ?
eap-gtc       Select EAP-GenericTokenCard as the inner authentication protocol
eap-mschapv2  Select EAP-MSCHAPV2 as the inner authentication protocol
I'm using 5.0.4.3. Are you aware of any issues with this version?
Wait. When you choose TLS, you do not have to choose an inner EAP type. The screenshot in the doc is incorrect.
Re: Server Cert and Trusted CA Cert
02-03-2012 10:12 AM - edited 02-03-2012 10:15 AM
I am going by the EAP-TLS document which has this step in 2) b.iv. Which Inner-EAP type does it select by default if neither option is selected?
Re: Server Cert and Trusted CA Cert
02-03-2012 10:13 AM
Yes. The screenshot in that document has an error.
Re: Server Cert and Trusted CA Cert
02-03-2012 10:20 AM
Thanks a lot man. If I had an award, I would give it to you.
Re: Server Cert and Trusted CA Cert
02-03-2012 03:10 PM
Hey one last thing, since I have a Master-Local setup and can't change anything on the Local controller, which server cert do I choose in the dot1x profile on the Master controller? Does the Master perform the authentication or the Local? I guess the cert should be for the one that does authentication.
Re: Server Cert and Trusted CA Cert
02-03-2012 03:13 PM
You need to upload CA as well as server cert on both. CA cert is the same, but server cert is usually different. Auth occurs on the local, or the master, wherever the AP is connected.
Re: Server Cert and Trusted CA Cert
02-03-2012 03:18 PM - edited 02-03-2012 03:19 PM
I've uploaded the specific server certs to each controller as well as the same trusted cert on both. In my setup, the APs terminate on the local controller but I can't change the config on the local. So on the Master, do I upload the Local's server cert as well and select that in the dot1x profile since the APs terminate on it?
Re: Server Cert and Trusted CA Cert
02-03-2012 03:20 PM
You should be able to upload the cert for the local on the local, and assign it to the profile name that is referenced in the master config.





