Packetfence Side:
- add an Aruba swtich Configuration
==> don't forget the Radius Secret
If you are using the Virtual Controller as a Radius Proxy, use it's IP instead of the IAP Address in the packetfence configuration
Aruba Side:
in the PEF configuration:
- add an authentification server:
- type: Radius
==> it seems CoA has been implemented in the latest firmware (juste discovered :)) but i haven't tested it, so i would not tick the CoA Only box.
- name: [add a fency name]
- ip: [your packetfence IP]
- Shared key: [add your Radius Secret Key]
- RFC3576: Enabled
- NAS IP: (optional) [your VC IP]
- NAS identifier: (optional) [a fency name]
This is just the configuration, it really depend on how you use packetfence (inline ou outband) your Vlan Configuration and many more configuration tips.
If you are using Packetfence ZEN, then you should configuration your Wireless network like this:
Aruba Network configuration:
Vlan:
- Client Ip Assignement: Network Assigned
- Client vlan Assignment: Dynamic
VLAN Assignment Rules:
- Attribute: Tunnel-Private-Group-Id contains 1 VLAN: 1
- Attribute: Tunnel-Private-Group-Id contains 1 VLAN: 4
Security:
MAC Authentification : enabled
Authentification server: [your authentification server name]
hoping this helps,
Regards,
Xinity