Controllerless Networks

last person joined: 19 hours ago 

Instant Mode - the controllerless Wi-Fi solution that's easy to set up, is loaded with security and smarts, and won't break your budget
Back to discussions
Expand all | Collapse all

Authentication survavility

This thread has been viewed 0 times

  • 1.  Authentication survavility

    Posted Dec 06, 2013 06:19 PM

    I know authentication survivability only works with Clearpass. I tried with NPS and it doesn't work. But I would like to know why only work with Clearpass. Is it due to certificate?. Something more than Radius standard?.
    Thanks in advance


  • 2.  RE: Authentication survavility

    EMPLOYEE
    Posted Dec 06, 2013 07:26 PM
    @muwatalli wrote:

    I know authentication survivability only works with Clearpass. I tried with NPS and it doesn't work. But I would like to know why only work with Clearpass. Is it due to certificate?. Something more than Radius standard?.
    Thanks in advance

    This is only available between IAP and Clearpass.  There is a special exchange between IAP and clearpass that gives IAP the ability to authenticate a user when the ClearPass is no longer available.  NPS does not have this exchange.  It is not a radius standard.



  • 3.  RE: Authentication survavility

    Posted Dec 06, 2013 07:40 PM

    thanks a lot

     

    i was very surprise, becouse doing some tests i realize when clearpass was not available, IAP sends other certificate to clients and then it is able to connect. Same bevahivor with NSP, but in this case Client can't connect. So, i thought relationship between IAP and Clearpass is more than just RADIUS standars.

     

    do you have more details about this relationship?



  • 4.  RE: Authentication survavility

    EMPLOYEE
    Posted Dec 06, 2013 08:47 PM
    @muwatalli wrote:

    thanks a lot

     

    i was very surprise, becouse doing some tests i realize when clearpass was not available, IAP sends other certificate to clients and then it is able to connect. Same bevahivor with NSP, but in this case Client can't connect. So, i thought relationship between IAP and Clearpass is more than just RADIUS standars.

     

    do you have more details about this relationship?

    The user guide here:  http://support.arubanetworks.com/DOCUMENTATION/tabid/77/DMXModule/512/Command/Core_Download/Default.aspx?EntryId=12480 explains authentication survivability in detail.



  • 5.  RE: Authentication survavility

    Posted Dec 07, 2013 04:42 PM
    Thanks a lot cjoseph;

    I knew the user guide, but not too much information into de doc. Maybe one page.

    My question was more about what king on info in shared between IAP and Clearpass to support survavility because standard Radius protocol doesn't support this funcionality.


  • 6.  RE: Authentication survavility

    EMPLOYEE
    Posted Dec 07, 2013 04:59 PM
    Anything that has to do with passwords I am sure only the functionality will be described in public documentation. If you have any other Questions, you should ask your Aruba sales team.


  • 7.  RE: Authentication survavility

    EMPLOYEE
    Posted Jan 16, 2014 06:19 PM

    Does a certificate need to be uploaded to the Instants for this to work in the event of a loss of connection with Clearpass?



  • 8.  RE: Authentication survavility

    Posted Jan 17, 2014 10:17 AM

    Michael, Instant has a default certificate which would be used for this purpose. You could also upload a certificate.