Two-Factor Authentication for Aruba Central

Aruba Employee
Requirement:

Two-factor authentication for second layer of security when logging into Aruba Central Account.



Solution:

Central now supports two-factor authentication to offer a second layer of security to your login, in addition to password. When two-factor authentication is enabled on a user account, the users can sign in to their Central account either through the mobile app or the web application, only after providing their password and the sixdigit verification code displayed on their trusted devices. When two-factor authentication is enabled at the customer account level, all the users belonging to the customer account are required to complete the authentication procedure when logging in to Central. If a user account is associated with multiple customer accounts and if two-factor authentication is enabled on one of these accounts, the user must complete the two-factor authentication during the login procedure. If two-factor authentication is enabled on your accounts, you must install the Google Authenticator app on your devices such as mobile phones to access the Central application. When the users attempt to log in to Central with their credentials, the Google Authenticator app provides a six-digit verification code to complete the login procedure.



Configuration:

Enabling Two-factor Authentication for User Accounts:

To enable two-factor authentication, complete the following steps:

1. Click Maintenance > User Management. The User Management page opens.
2. From the Actions menu, set Two-Factor Authentication (2FA) to ON. The two-factor authentication is enabled for all the users associated with a customer account.

 

 

Installing Google Authenticator App:

For two-factor authentication, ensure that the Google Authenticator app is installed on your mobile device. During the registration process, the Central application shares a secret key with the mobile device of the user over a secure channel when the user logs in to Central. The key is stored in the Google Authenticator app and used for future logins to the application. This prevents unauthorized access to a user account as this authentication procedure involves two-levels for secure transaction. When you register your mobile device successfully, the Google Authenticator app generates a six-digit token for the second level authentication. The token is generated every thirty seconds.

 

 



Verification

Two-factor Authentication for Central Web Application:

When two-factor authentication is enabled for a customer account, the users associated with that customer account are prompted for two-factor authentication when they log in to Central. To complete two-factor authentication, perform the following actions:

1. Access the Central website.
2. Log in with your credentials. If two-factor authentication is enforced on your account, the two-factor authentication page opens.

 

 

3. Install the Google Authenticator app on your mobile device if not already installed.
4. Click Next.
5. If this is your first login since two-factor authentication is enforced on your account, open Google Authenticator on your mobile device.
6. Scan the QR Code. If you are unable to scan the QR code, perform the following actions:
                 a. Click the Problem in Reading QR Code link. The secret key is displayed.
                 b. Enter this secret key in the Google Authenticator app.
                 c. Ensure that the Time-Based parameter is set. Aruba Central is added to the list of supported clients and a six-digit token is generated.

 


7. Click Next.
8. Enter the six-digit token.

 

 

 

9. Select the Remember 2FA for 30 Days check box if you want the authentication to expire only after 30 days.
10. Click Finish.

 

 

Version history
Revision #:
2 of 2
Last update:
‎03-25-2017 08:22 AM
Updated by:
 
Labels (1)
Contributors
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: