Security


Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).

CPPM integration with Ruckus

  • 1.  CPPM integration with Ruckus

    Posted Mar 15, 2017 09:56 AM

    Hi!

     

    I'm trying to integrate CPPM with Ruckus Wireless solutions and Dell Switching solutions.

     

    So, I have some questions to ask:

     

    802.1x with Dell Switches = Works fine, just need to know if I can redirect users to the OnGuard portal with some URL redirect.

     

    802.1x with Ruckus Wireless = Can't authenticate users with 802.1x. I followed the same setup as for an IAP, with some changes to comply with Ruckus. On the IAP it works fine, but when I use Ruckus, the client shows as authenticated on CPPM (so, Services are correctly configured) but still can't connect to the network.

     

    Onboard with Ruckus Wireless = I use the option of two SSIDs, one for Onboard and another for Onboarded clients. On the Onboard SSID, I configure the captive portal device_privisioning.php and the user can install the certificate/profile. When the user tries to connect to the Onboarded SSID, I'm stuck because of the same problem as with 802.1x.

     



  • 2.  RE: CPPM integration with Ruckus

    EMPLOYEE
    Posted Mar 15, 2017 09:58 AM

    - What model Dell switches?

    - Please post screenshots of your configuration

    - Have you reached out to your Aruba Clearpass partner?



  • 3.  RE: CPPM integration with Ruckus

    Posted Mar 15, 2017 10:24 AM

    Hi, thanks for your response.

     

    - What model Dell switches?

    Dell Switches N3000 Series and Powerconnect Series.

     

    - Please post screenshots of your configuration

    Follow attached.

     

    - Have you reached out to your Aruba Clearpass partner?

    Yes, they are researching internally with the team.

     

    I downloaded the ClearPass POC Kit and I can't see any documentation on using CPPM with Ruckus.

     

     



  • 4.  RE: CPPM integration with Ruckus

    EMPLOYEE
    Posted Mar 15, 2017 10:33 AM

    Unfortunately I don't have a Dell N-series switch to test with, but from a quick glance at their documentation, they don't appear to support external captive portal redirect. In this case, you would need to use their internal captive portal and point the authentication piece to ClearPass, or you'd need to investigate using wildcard DNS if external redirect to ClearPass is required.

     

    For Ruckus, they should be accepting a generic IETF Access-Accept message. What do the logs on the Ruckus controller show?



  • 5.  RE: CPPM integration with Ruckus

    Posted Mar 15, 2017 03:28 PM

    Well, this is weird.

     

    On the Ruckus controller I see the message:

    User[d4:f4:6f:a1:e9:7c] failed to log in. No permission or incorrect credentials.

     

    With these same credentials I can authenticate on the IAP.

     

     

    PS: These settings may be different from the screenshot I posted because now I'm testing in my lab environment.

    Attachment(s)

    txt
    Dashboard_Details.txt   2 KB 1 version
    txt
    Clearpass-LogAuth.txt   16 KB 1 version


  • 6.  RE: CPPM integration with Ruckus

    Posted Mar 16, 2017 09:36 AM

    Hi!

     

    someone?



  • 7.  RE: CPPM integration with Ruckus

    Posted Mar 16, 2017 11:58 AM

    Hello,

     

    Just an update. I've got these logs from Ruckus and CPPM, and a packet capture from Ruckus to CPPM.

     

    PS: Just rename the PacketCapture.png to PacketCapture.pcap

    Attachment(s)

    txt
    CPPM-Outputs_11-45.txt   2 KB 1 version
    txt
    RUCKUS-EventLog.txt   609 B 1 version


  • 8.  RE: CPPM integration with Ruckus
    Best Answer

    Posted Mar 17, 2017 08:12 AM

    Well, I found a KB article at Ruckus Support that solved my problem. And it's simple.

     

    Question
    'User [MAC address of the Client] failed to log in. No permission or incorrect credentials.'
     
    Resolution

    The solution to resolve the issue when we see the log 'User [MAC address of the Client] failed to log in. No permission or incorrect credentials.':

    When we see the below logs in the ZD GUI::Monitor::All Events/Activities, we need to check whether the WLAN to which the user is connecting has been checked in the default Role list or not. If the WLAN hasn't been checked in the default Role list, we get the below error.

    User [MAC address of the Client] failed to log in. No permission or incorrect credentials.


    When users connect, they are assigned to the “Default” role, and if the specific WLAN is not in the default Role list, it throws the above message, so please make sure that you select all the WLANs in the default role of the Zone Director. To configure that, go to ZD GUI::Configure::Roles:: 'Default' Role, select the radio button for 'Allow access to all WLANs' and save it.



  • 9.  RE: CPPM integration with Ruckus

    Posted Apr 10, 2017 06:20 AM

    Is it possible to integrate Aruba ClearPass with the Ruckus SmartZone 100 Virtual Controller? Please share the documentation for this integration.

    Thanks

     

    Rgds,
    Jefri

     



  • 10.  RE: CPPM integration with Ruckus

    Posted Aug 14, 2019 02:46 PM

    Hi Jefri,

     

    Did you find an answer about this integration?

     

    Regards

     

    N3tw0rk3r



  • 11.  RE: CPPM integration with Ruckus

    Posted Aug 14, 2019 03:02 PM

    ClearPass will integrate with any vendor, even the coffee machine if you want to.

     

    Documentation about Ruckus you can see at their website.

     

    ClearPass will be just the RADIUS server that will authenticate clients using 802.1X or MAC-AUTH. If you want to know about Captive Portal, you can use the documentation provided by Ruckus to integrate with external captive portals.