Security

Reply
Occasional Contributor I
Posts: 9
Registered: ‎12-17-2012

ClearPass and IAP Virtual Controller IP

I created a VirtualController for a group of IAPs. I can get to the VC and see my cluster of IAPs to manage through the assigned APs. I added the VC IP into ClearPass under Configuration->Network->Devices. I then created the radius servers on the IAP using the same shared secret and ensuring the correct IPs were used. When I try to connect to a SSID that requires radius auth through CP it fails and doesn’t hit CPPM.

 

My next test was to take the IP of the AP and NOT the IP of the VC and add it to ClearPass. Once I did that and removed the VC IP for CPPM everything worked.

 

Can clearpass use the VC IP to perform radius authentications?

Guru Elite
Posts: 20,419
Registered: ‎03-29-2007

Re: ClearPass and IAP Virtual Controller IP

You need to enable Dynamic Radius Proxy so it always used the VC ip address.

 



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Aruba
Posts: 1,638
Registered: ‎04-13-2009

Re: ClearPass and IAP Virtual Controller IP

[ Edited ]

EDIT:    cjoseph beat me to it........

 

 

You need to enable Dynamic RADIUS Proxy in the Settings:

 

instant-radius-proxy.jpg

------------------------------------------------
Systems Engineer, Northeast USA
ACCX | ACDX | ACMX

Occasional Contributor I
Posts: 9
Registered: ‎12-17-2012

Re: ClearPass and IAP Virtual Controller IP

Thanks to bothof you for the solution! It works great!

Search Airheads
Showing results for 
Search instead for 
Did you mean: