Security

Reply
Occasional Contributor I
Posts: 6
Registered: ‎09-27-2016

802.1x Authentication with Avaya Identity Engine

Hello everyone and apologies if this question has already been asked and answered.  I'm new to the Aruba wireless world especially considering I have worked most of my life with Avaya/Nortel wired/wireless networks.  Currently I have a new wlan I will be turning up using the Aruba 315 APs with a single controller, more or less as a proof of concept for my managment team to justify the migration from the Avaya 8100 series wireless.  Currently in my Avaya wireless network I use their Radius server (Identity Engine) to handle all my authentication for my 802.1x network.  In looking thru the Aruba documentation I have yet to see what radius attributes I need to return to grant access if the client/computer is in the correct group in my Active Directory.  I'm hoping I haven't overlooked it or it's not something super simple such as the default granted access.  On my Avaya wlan I have to return the attribute that says which network profile and vlan to associate the client with.  Any information you can provide would be greatly appreciated.  I'm hoping to show that the Aruba wireless is worth the switch as I am looking to possibly within the next year change out over 600 access points.

Guru Elite
Posts: 8,632
Registered: ‎09-08-2010

Re: 802.1x Authentication with Avaya Identity Engine

Does IDE have an Aruba RADIUS dictionary built-in?

Tim Cappalli | Aruba Security TME
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
Occasional Contributor I
Posts: 6
Registered: ‎09-27-2016

Re: 802.1x Authentication with Avaya Identity Engine

A very limited dictionary, however I can create all the custom attributes I need to (Something I had to do with their wireless to make it work).

Guru Elite
Posts: 8,632
Registered: ‎09-08-2010

Re: 802.1x Authentication with Avaya Identity Engine

All you need is the Aruba-User-Role VSA

Vendor 14823
Attribute Number 1
Type String

Tim Cappalli | Aruba Security TME
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
Occasional Contributor I
Posts: 6
Registered: ‎09-27-2016

Re: 802.1x Authentication with Avaya Identity Engine

Thank you so much, I will give it a try first thing in the morning and let you know how it turns out.  I'm assuming for the VSA I will enter the role I specified when setting up the policy enforcement firewall?  Hopefully if my management accepts this solution when I roll out the other ap's I can go ahead and purchase clearpass then.

Occasional Contributor I
Posts: 6
Registered: ‎09-27-2016

Re: 802.1x Authentication with Avaya Identity Engine

Sorry for the late reply, been busy with a 1:1 rollout for students.  The solution worked like a charm.  Thank you so much.

Search Airheads
Showing results for 
Search instead for 
Did you mean: