Security, WIDS/WIPS and Aruba ECS

Reply
New Contributor
Posts: 4
Registered: ‎01-01-2011

LDAP authentication from linux server with CP

Hi everyone

I want to authenticate user from CP with LDAP server. We already use this LDAP server at wired network with Astora Firewall. This system running as follows; when user attend the wired network the astora Portal meet them and the authenticade their Domain username password and user go its vlan. (LDAP server separate user with departman attribute)

At the Aruba wireless system we want only authenticate user (no spesific vlan assignment) via LDAP server with CP. We can assignment everyone single vlan (wireless vlan)

Which path sholud I follow?
Guru Elite
Posts: 20,415
Registered: ‎03-29-2007

Re: LDAP authentication from linux server with CP

Steps:

- Add your LDAP server to the Aruba Controller and test it. Go to Configuration> Security > Authentication. Click on LDAP server, type the friendly name of the LDAP server and then click on the add button. Enter the details of the ldap server. Go to Maintenence > AAA Test server to test connectivity to that server.

- Next you want to use the LAN/WLAN wizard to create that LAN. Go to Configuration> LAN/WLAN wizard to create that wireless network. Make sure you choose the guest option, if you have to decide between guest and internal.


Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

New Contributor
Posts: 4
Registered: ‎01-01-2011

Re: LDAP authentication from linux server with CP

Thanks for your reply,

in the LDAP server configuration page, there are few parameter ı dont know the meaning. We want that, when a person authenticate SSID the some role attach him. How can I configure this role? I think our ldap configuration has a some group name for role. (different group will have different role)

if it is a very complicate system may be we can do everyone can has same role. if your path is true and enough ı think we will succes. I wil try it tomorrow.
Guru Elite
Posts: 20,415
Registered: ‎03-29-2007

Re: LDAP authentication from linux server with CP

Let us configure the authentication for the LDAP server first. Test that authentication by using the Diagnostics TAB> AAA Test server. You can then decide how you want users to get different roles after that works correctly


Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

New Contributor
Posts: 4
Registered: ‎01-01-2011

thanks

Thank you, ı configure and it start work finly:)
Occasional Contributor II
Posts: 44
Registered: ‎10-06-2009

Re: LDAP authentication from linux server with CP

I have a similar issue.

I want to assign VLANs to users that are authenticating via CP against an LDAP source.

Users can sucessfully authenticate, but VLANs aren't assigned. I can successfully assign roles based on values returned from the LDAP server, but not VLANs.

Any ideas?

Thanks,
Matt
Guru Elite
Posts: 20,415
Registered: ‎03-29-2007

Re: LDAP authentication from linux server with CP

When a user is assigned to a captive portal SSID, you can switch the VLAN by putting the user in a role that has a VLAN hardcoded after authentication, but unless the link goes up and then down, the wireless device does not know that it is on a different VLAN, and will fail to send traffic successfully.

There are ways to do this with a DHCP server that provides leases for seconds, but it is not good in practice.


Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Search Airheads
Showing results for 
Search instead for 
Did you mean: