Network Management

Reply
Frequent Contributor I

Manage & configure S2500 switch by using Airwave

i understand that S2500 can be manage and configure by using Airwave. But can i terminate the S2500 on Airwave instead of Aruba Controller? Which is user authentication and captive portal will be done by Airwave.

Aruba

Re: Manage & configure S2500 switch by using Airwave

No, this is not possible.   The S2500/3500 can operate indpendently or be configured in tunneled node to an Aruba controller; not AirWave.

------------------------------------------------
Systems Engineer, Northeast USA
ACCX | ACDX | ACMX

Frequent Contributor I

Re: Manage & configure S2500 switch by using Airwave

Configure tunneled node to Aruba controller, if Aruba controller goes down. End user able to connect to network or not?

Aruba

Re: Manage & configure S2500 switch by using Airwave

I do not believe there is fail open in this case, but would appreciate anyone who knows for sure to confirm.   If the controller is not available, the switch will retry every 60 seconds to establish the tunnel.  You do have the option to provide a backup tunneled node controller as well.

------------------------------------------------
Systems Engineer, Northeast USA
ACCX | ACDX | ACMX

Aruba

Re: Manage & configure S2500 switch by using Airwave

If Tunneled Node with HA is required, either you need to use redundant Mobility Controllers using VRRP or redundant Mobility Controllers with one configured as primary and the other as the backup. If the Tunneled Node cannot get to a controller, there is no fail open.

 

The Mobility Access Switches natively support the same authentication types as the controllers, UDRs, 802.1x, MAC-Auth and Captive Portal so you don't have to use Tunneled Node to bring authentication to the platform.

 

 

Frequent Contributor I

Re: Manage & configure S2500 switch by using Airwave

Due to my customer has limited budget on investing the controller. Have any alternative way which can centrally manage the security policy, access control and authentication but the Captive Portal done by the Mobility Access Switches itself?

Aruba

Re: Manage & configure S2500 switch by using Airwave

Jordontin,

It depends on what you mean by manage the security policy exaclty. You can use the Mobiilty Access Switch with a 3rd party Radius server (e.g. NPS, FreeRadius, etc) and have it pass down the user-role names (e.g. guest, authenticated, etc) to the Mobility Access Switch via the Aruba User-Role VSA depending on the authentication status. There are no 3rd party platforms that can handle the user-role configuration aspects other than Clearpass, Airwave or a Controller using Tunneled Node.

 

Best regards,

 

madani

Frequent Contributor I

Re: Manage & configure S2500 switch by using Airwave

Which version of firmware can support native captive portal, 802.1x etc, user authentication by the Aruba switch itself?

 

Because last time i did test the S3500 running 7.1.xx it was don't have such feature as the Aruba controller. It need go through the controller in order need to authenticate through captive portal.

Guru Elite

Re: Manage & configure S2500 switch by using Airwave

Captive portal is available in 7.2


Tim Cappalli | Aruba Security TME
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: