Security

Reply
New Contributor
Posts: 3
Registered: ‎08-08-2015

Create SSID EAP-SIM

I need to configure an existing SSID on an HP environment in a Aruba controller but I'm having trouble. Could someone help me with those settings?
The following configurations of the SSID on my HP environment:
 
dot1x authentication-method eap
#
radius scheme SIM
 server-type extended
 primary authentication X.X.X.X
 primary accounting X.X.X.X
 key authentication cipher xxxxxxxx
 key accounting cipher xxxxxxxxxx
 user-name-format without-domain
 nas-ip X.X.X.X
#
domain SIM
 accounting login radius-scheme SIM
 authentication lan-access radius-scheme SIM
 authorization lan-access radius-scheme SIM
 access-limit disable
 state active
 idle-cut disable
 self-service-url disable
#
interface WLAN-ESS100
 description TIM
 port access vlan 100
 port-security port-mode userlogin-secure-ext
 port-security tx-key-type 11key
 undo dot1x handshake
 dot1x mandatory-domain SIM
 undo dot1x multicast-trigger

#
wlan service-template 1 crypto
 ssid WIFI-SIM
 bind WLAN-ESS 100
 cipher-suite ccmp
 security-ie rsn
 undo gtk-rekey enable
 gtk-rekey method time-based 180
 remote-ap keep-client-online
 service-template enable

This SSID is responsible for connections of users with mobile chip.
Guru Elite
Posts: 7,869
Registered: ‎09-08-2010

Re: Create SSID EAP-SIM

Where are those settings from?



The controller is EAP agnostic. Your RADIUS server would be configured for
EAP-SIM.

Tim Cappalli | Aruba ClearPass TME
@timcappalli | ACMX #367 / ACCX #480 / ACEAP / CWSP
New Contributor
Posts: 3
Registered: ‎08-08-2015

Re: Create SSID EAP-SIM

Hello Cappalli, thanks for answering.

To better explain the Radius server is in an environment that we have no access. What happens with the HP controllers is that when the User connects to the cell phone SSID, a window and at that time the User selects the device chip.

In Aruba controller I can not make the User choose the type of authentication

Guru Elite
Posts: 7,869
Registered: ‎09-08-2010

Re: Create SSID EAP-SIM

Please post your Aruba config.


Tim Cappalli | Aruba ClearPass TME
@timcappalli | ACMX #367 / ACCX #480 / ACEAP / CWSP
New Contributor
Posts: 3
Registered: ‎08-08-2015

Re: Create SSID EAP-SIM

following configurations images. I'm sorry if missed something, I'm not abtuado the configurations of Aruba.

Follows also picture when the User connects to the SSID that is configured in the HP controller.

Aruba
Posts: 1,635
Registered: ‎04-13-2009

Re: Create SSID EAP-SIM

When using termination on the controller as you are, EAP-SIM is not supported.  You would need to remove the termination setting and let termination of the EAP session be done on a RADIUS server that supports EAP-SIM.

 

Refer to the following for details:

http://www.arubanetworks.com/techdocs/ArubaOS_64x_WebHelp/Web_Help_Index.htm?_ga=1.60155757.1508645953.1422289203#ArubaFrameStyles/802.1x/Overview_of_802_1x_Authe.htm?

 

------------------------------------------------
Systems Engineer, Northeast USA
ACCX | ACDX | ACMX

Search Airheads
Showing results for 
Search instead for 
Did you mean: