Security

Reply

Cisco Controller integration with clearpass

Does anyone got a technote on how to do it ?:)

 

I got the integrating it with a Cisco Switch but i cannot find one which is with the Cisco wireless Controller

 

Cheers

Carlos

----------------------------------------------------
Product Manager - Aruba Networks
Alternetworks Corp
Aruba

Re: Cisco Controller integration with clearpass

What are you trying to do. Guest or .1x

Here is onboard and .1x

https://ase.arubanetworks.com/solutions/id/46

Thank You,
Troy

--Give Kudos: found something helpful, important, or cool? Click Kudos Star in a post.

--Problem Solved? Click "Accepted Solution" in a post.

Re: Cisco Controller integration with clearpass

Hi

 

You looking for 802.1x guide or guest access guide?

 

Let me know - and i will send u the info i got.

*****************2Plus Wireless Solutions****************************
Aruba Airheads - Powered By community for empower the community
************ Don't Forget to Kudos + me,If i helped you******************

Re: Cisco Controller integration with clearpass

Yes im looking a 802.1x with cisco WLC

 

Troy

The one on the solution ideas its the onboard one with Cisco WLC.   I want 802.1x with cisco WLC

 

Cheers

Carlos

 

----------------------------------------------------
Product Manager - Aruba Networks
Alternetworks Corp

Re: Cisco Controller integration with clearpass

Hi,

Did u read here:

http://community.arubanetworks.com/t5/AAA-NAC-Guest-Access-BYOD/Clear-Pass-integrate-with-Cisco-WLC/td-p/142741

 

(I Uploaded in the past a lot of info)

 

and here (from Cisco)

http://www.google.co.il/url?sa=t&rct=j&q=&esrc=s&source=web&cd=5&ved=0CD0QFjAE&url=http%3A%2F%2Fwww.cisco.com%2Fc%2Fdam%2Fen%2Fus%2Ftd%2Fdocs%2Fsolutions%2FSBA%2FAugust2012%2FCisco_SBA_BN_LANAndWirelessLAN802-1xAuthenticationDeploymentGuide-Aug2012.p...

 

*****************2Plus Wireless Solutions****************************
Aruba Airheads - Powered By community for empower the community
************ Don't Forget to Kudos + me,If i helped you******************

Re: Cisco Controller integration with clearpass

Cisco side :
- Configure an ACL that allows communication to your CPPM throught HTTP/HTTPS, also allow DNS, DHCP . this acl is similar to the captiveportal  And logon-control ACLs on the Aruba side that you for the Guest-Logon role or onboard provisioning role
- create a network with Layer 2 802.1X and in the Layer 3 use a conditional redirect and select the preauth ACL you previously created
- Add CPPM as a radius server and enable CoA and radius accounting

Aruba :
You can use the onboard templates that already exist on you CPPM the only thing you need to change are the enforcement profiles :
- For the redirect you need an enforcement profile using the Cisco radius attributes Cisco av-pair and instead sending role you use the URL-redirect:<Onboard URL>
- You can either assign a VLAN Or send an radius accept so the device gets the default VLAN assigned to the network
- To send a different you use the Radius ietf
IETF 64 (Tunnel Type)—Set this to VLAN.
IETF 65 (Tunnel Medium Type)—Set this to 802
IETF 81 (Tunnel Private Group ID)—Set this to VLAN ID.

Thank you

Victor Fabian
Lead Mobility Engineer @ Integration Partners
AMFX | ACMX | ACDX | ACCX | CWAP | CWDP | CWNA
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: