Security

Is there any documentation showing best practice or samples for configuring ClearPass with an Aruba Controller using VIA?

I want to get a basic setup working first with just username/password authentication using ClearPass Policy Manager to pass a role back to the controller. Once I get that working I would expand it to include different roles based on if a device can do EAP-TLS authentication with a CP Onboard cert, or based on AD group membership of the userid, etc.

These should help you get started.

I do not see in RADIUS request the NAS-Port-Type field with the value "Virtual (5)".

I see instead this value: "802.11 (19)", what may be wrong? 

that would point to your request coming over wireless, are you certain this is a VIA request and nothing somethin from the wireless  network?

Tim, 

My question is in reference to your Authentication Method you created for EAP TLS, Which bits did you flip in that customized Method to get things to work with your CA? 

We run our own Root CA here and I'm trying to get this bugger to perform VIA over EAP-TLS now instead of MSCHAPv2..

I've got my CA uploaded to my ClearPass and all of my clients have Certs pushed via GPO so I think I'm good there.  Not sure how to groom my AuthMethod. 

Also any coaching on the Controller side would be greatly assistive. As I can see it the only two VIA Auth Methods supported are PAP and MSCHAPv2.

My connection profile seems to be correct as I See it here. Any coaching would be appreciative. 

Thanks a TON in advance.