Security

last person joined: yesterday 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

Cisco AP's and radius authentication

This thread has been viewed 1 times

  • 1.  Cisco AP's and radius authentication

    Posted Apr 13, 2012 10:49 PM

    Hello,

     

    We just started deploying Aruba AP's to replace older Cisco wireless AP's. We will continue to use the newer Cisco AP's in our environment but need the "guest",  radius, 802.1x authentication that can be done with the Aruba AP's. The radius authentication will be handled by a Microsoft IAS on server 2003. What is the best way to approach this? Is this doable with Airwave?

     

    Regards,

     

    Tom



  • 2.  RE: Cisco AP's and radius authentication

    EMPLOYEE
    Posted Apr 14, 2012 12:49 AM
    @Thomas.green@cmworks.com wrote:

    Hello,

     

    We just started deploying Aruba AP's to replace older Cisco wireless AP's. We will continue to use the newer Cisco AP's in our environment but need the "guest",  radius, 802.1x authentication that can be done with the Aruba AP's. The radius authentication will be handled by a Microsoft IAS on server 2003. What is the best way to approach this? Is this doable with Airwave?

     

    Regards,

     

    Tom

    What servicces are you using the newer Cisco access points for?

    Are those Cisco access points "lightweight" or are they standalone?

     

     



  • 3.  RE: Cisco AP's and radius authentication

    Posted Apr 14, 2012 09:10 AM

    The Cisco AP's are standalone and are being used for standard network access for laptop and guest users.



  • 4.  RE: Cisco AP's and radius authentication
    Best Answer

    EMPLOYEE
    Posted Apr 14, 2012 10:13 AM

    If I've understood it well, you want a splash page (with radius authentication) resenbling the one you have with your IAPs. Am I right?

     

    If that's the case, I'm afraid you can't do it with autonomous Cisco APs.

     

    However, I can think of 2 workarounds (one of which i am not too sure of).

     

    1. I am not  sure if this would work, but maybe you could use your Aruba Virtual Controller as default gateway for the guest vlan. You'd then need to attach your cisco APs (same SSID/encryption)  to that vlan and pray for the IAPs splash page to appear.
    2. You can also buy a wireless LAN controller (both Aruba and Cisco would suit you) and configure a guest portal both for wireless and wired access. Then you'd only need to configure both your WLC and autonomous/instant APs with the same SSID and encryption.

    Hope this helps

     

    Regards

     

     

     

     



  • 5.  RE: Cisco AP's and radius authentication

    Posted Jul 05, 2012 02:07 AM

    Samuel, yo usuggest to buy wireless controller just for the guest portal? :D

     

    This really doesn't scale.

     

    I suggest to use some opensource radius server and opensource hotspot solution for the guest access.