Monitoring, Management & Location Tracking

Configuring FreeRADIUS to authenticate AWMS Users

This document describes configuring AWMS and FreeRADIUS so that AWMS users are authenticated against a FreeRADIUS server. The process involes making 3 configuration changes on FreeRADIUS, and defining that FreeRADIUS server as an auth server for the AWMS.


I. For each user, add an Aruba-Admin-Role attribute:


<username> User-Password := "<password>"
Aruba-Admin-Role = "<name of awms role>


jane User-Password := "password123"
Aruba-Admin-Role = "AMP Administration" 

john User-Password := "topsecret"
Aruba-Admin-Role = "ResNet AP Monitoring" 
Framed-IP-Address =
Framed-IP-Netmask =

II. Define a shared secret (which also must be added on the AWMS):

In /etc/raddb/clients.conf add a section allowing the AWMS (or a network) to be a RADIUS client:


client <ip address or network> {
secret = <secret>
shortname = <label>


client {
secret = airwave
shortname = corp_dev_net

III. Copy dictionary.aruba from the AWMS's filesystem to the FreeRADIUS server:

Location on AWMS: /opt/airwave/share/freeradius/dictionary.aruba 
Copy to this directory on FreeRADIUS: /usr/share/freeradius/dictionary.aruba


On the AMP Setup -> Authentication page, enable RADIUS Auth, and provide the ip addresses, ports and secrets for your FreeRADIUS servers.

Version History
Revision #:
1 of 1
Last update:
‎06-06-2014 03:38 PM
Updated by:
Search Airheads
Showing results for 
Search instead for 
Did you mean: 
Is this a frequent problem?

Request an official Aruba knowledge base article to be written by our experts.