Controller-less WLANs

 View Only
last person joined: one year ago 

Articles relating to existing and legacy HPE Aruba Networking products and solutions including IAP, Central / HPE Aruba Networking Central, MSR, and Outdoor Mesh
Back to Library

With EAP termination, do I need to upload certificate on every IAP in the cluster? Do I need to get one certificate for each IAP in the cluster? 

Jul 01, 2014 05:38 PM

Environment  :  This article applies to all Aruba Instant platforms and versions.

 

No, the certificate has to be uploaded on the virtual controller only.

Aruba Instant has a built-in FreeRadius server that can support:

• LEAP
• EAP-TTLS (MSCHAPv2)
• EAP-PEAP (MSCHAPv2)

However; note that EAP-PEAP and EAP-TTLS require a server certificate. Instant APs do not get shipped with a server certificate. Each time user uploads a new certificate file to Aruba Instant AP through the webUI, the master AP distributes that same certificate to all the member APs in the cluster. This allows a single certificate to be available for use on all the Instant APs in the cluster and ensures that 802.1x authentication still happens if the master AP (Virtual Controller) goes down.

Statistics
0 Favorited
2 Views
0 Files
0 Shares
0 Downloads

Related Entries and Links

No Related Resource entered.