Security

Reply
New Contributor

How do you configure Packet Fence to work with the Aruba 3600 controller. Both for guest and secure

I am trying to integrate the Aruba 3600 controller with PacketFence running on CentOS 6.5.  Any help from someone who has done this for both guest and secure networks would be greatly appreciated.  

Re: How do you configure Packet Fence to work with the Aruba 3600 controller. Both for guest and se

have you seen this:

http://www.sogo.nu/files/downloads/PacketFence/doc/PacketFence_Network_Devices_Configuration_Guide-3.3.2.pdf

 

no personally experience, on my to check out once list though.

New Contributor

Re: How do you configure Packet Fence to work with the Aruba 3600 controller. Both for guest and se

Unfortunately this is only one piece of the puzzle and rumor has it doesn't play well with 6.3 release of the controller firmware.

Occasional Contributor II

Re: How do you configure Packet Fence to work with the Aruba 3600 controller. Both for guest and se

 


andrewkrosf wrote:

Unfortunately this is only one piece of the puzzle and rumor has it doesn't play well with 6.3 release of the controller firmware.


I can attest to that... playing around with Packetfence 4.2.2 with firmware 6.3.1.8 and behavior has been finicky.  The weirdest thing I've seen is after a successful CoA from packetfence, the user's role appears correct in the users table, but remains unchanged in the datapath.  I haven't pinointed the issue, but it doesn't happen with clear pass in the same scenario.

Contributor I

Re: How do you configure Packet Fence to work with the Aruba 3600 controller. Both for guest and se

Hey derek, 

 

Any update on packetfence with 6.3.1.8?

 

We're trying to get it working and everything appears to work fine but when COA comes in the user-table doesn't get updated - i have to remove myself manually from user-table in order to get the right role....

Occasional Contributor II

Re: How do you configure Packet Fence to work with the Aruba 3600 controller. Both for guest and se

I had to scrap the project before finding a solution.

 

I think if you can write a custom script and call it from within PacketFence or by way of FreeRadius proxy, you could sidestep the CoA issue. I was thinking the script would log into the controller(s) and run "aaa user delete mac xx:xx:xx:xx:xx:xx" w/the user's MAC.  

 

Not pretty, but could work.  I did something similar w/MAC-auth-fail-open to get usernames populated into my controller from a netreg box.

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: