Security

Reply
New Contributor

802.1x Authentication with NPS problem

We will be using 802.1x authenticaitonon Aruba controller with 802.1 and authentication server being Radius NPS. We have already implemented NPS authentication on the wired LAN with slightly different rules. 

I have managed to get user machines to authenticate, however the problem I had is that user attributes like user role, vlan etc. are derived from the NPS policies and implemented for each user individually after user authenticates. I end up in a mess and we can not make any changes on the NPS policy as it is already in use in the wired LAN. 

I am struggling ot set up the Aruba controller to ignore all NPS atributes and only use it  to authenticate/reject users.

Can you pleae help? 

Guru Elite

Re: 802.1x Authentication with NPS problem

You can duplicate the policies in NPS (connection request policy, etc) and then restrict the new one to service-type Wireless and your controller's NAS-IP. Then you can make changes to the ruleset that won't affect wired. 


Thanks, 
Tim


Tim Cappalli | Aruba Security TME
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
New Contributor

Re: 802.1x Authentication with NPS problem

Tim, thank you for your response. Is there an option just to get accept/reject from the NPS and ignore all other policies, which I will configure locally on the controller?

It is different team dealing with the NPS and is a bit harder to get things done.

Guru Elite

Re: 802.1x Authentication with NPS problem

Allow access and deny access shop's send the accept/reject response. 


Thanks, 
Tim

Tim Cappalli | Aruba Security TME
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
New Contributor

Re: 802.1x Authentication with NPS problem

Than you for yor response. I still can not make to work, so I will raise a case with Aruba support.
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: