Security, WIDS/WIPS and Aruba ECS

Reply
Occasional Contributor II
Posts: 19
Registered: ‎07-13-2009

how to configure users file to reply the User VLAN

Hello,

I know only you have to configure the freeradius server to return the VLAN to the aruba, and that's all. I believe it is configured in the users file. Nothing has to be configured in the aruba controller, because aruba controller automatically set the users vlan with that returned by the radius server.
I have freeradius 2.1, and the configuration of my users file is like the following:

...
DEFAULT Auth-Type = LDAP
Aruba-User-Vlan = 20,
Fall-Through : = 1
....

once I do radiusd -X, I see only the first access-challenge with the Aruba-User-Vlan Attirbute, and no more access-challenges have this attribute.
So, it is not working :(, May be i am close to the solution but I don't know what to do, and also I don't know what happen.

Any ideas please?

Thank you very much

regards
Guru Elite
Posts: 20,578
Registered: ‎03-29-2007

Debug and Radius


Hello,

I know only you have to configure the freeradius server to return the VLAN to the aruba, and that's all. I believe it is configured in the users file. Nothing has to be configured in the aruba controller, because aruba controller automatically set the users vlan with that returned by the radius server.
I have freeradius 2.1, and the configuration of my users file is like the following:

...
DEFAULT Auth-Type = LDAP
Aruba-User-Vlan = 20,
Fall-Through : = 1
....

once I do radiusd -X, I see only the first access-challenge with the Aruba-User-Vlan Attirbute, and no more access-challenges have this attribute.
So, it is not working :(, May be i am close to the solution but I don't know what to do, and also I don't know what happen.

Any ideas please?

Thank you very much

regards




Aangles,

You might want to turn on debugging on the Aruba controller to see what attribute is coming back:

config t
logging level debug security subcat authmgr
exit


Then look at the security log:



After that, you need to open a support case with your Radius server manufacturer or post a question on their forums to find out how to do this.


Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Search Airheads
Showing results for 
Search instead for 
Did you mean: