Security

last person joined: yesterday 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

Aruba Activate and CPPM

This thread has been viewed 1 times

  • 1.  Aruba Activate and CPPM

    Posted Nov 19, 2014 07:35 PM

    Looking for a little help and hoping that someone on the forums might be able to lend me some of their knowledge.

     

    I am setting up CPPM to authenticate RAPs and using Aruba Activate to populate the Endpoint DB. Most of the configuration is working as expected except assigning the AP Name. In Asset Tracker > Output > Radius Response, two responses are sent back to the controller, Radius:Aruba:Aruba-AP-Group and Radius:Aruba:Aruba-AP-Name.

     

    first.png

     

    The Enforcement Profile used for RAP authentication

    second.png

     

    The Attribute Tab of the RAP

    threepng.png

     

    The response from CPPM is correct. On the controller, I see that the RAP is placed in the correct AP-Group but the name is still using the MAC of the RAP instead of the Radius response (Aruba-AP-Name) from CPPM.

     

    Show ap active:

    00:0b:86:XX:XX:XX CPPM-RAP 1.1.1.4 0 AP:HT:11/9/18 0 RAP-3WNP

     

    Debugging aaa and authsvr does not log anything, but debugging user logs “Authentication result=Authentication Successful method=VPN server=CPPM Server Name”


    Not sure what is missing. Any ideas?



  • 2.  RE: Aruba Activate and CPPM
    Best Answer

    Posted Nov 19, 2014 07:53 PM

    Try returning Aruba-Location-ID instead of Aruba-AP-Name.

     

     



  • 3.  RE: Aruba Activate and CPPM

    Posted Nov 19, 2014 08:00 PM

    That was it.  Thanks for you help.