Security

last person joined: yesterday 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

How to create internal radius server in Aruba wireless controller.

This thread has been viewed 8 times

  • 1.  How to create internal radius server in Aruba wireless controller.

    Posted Dec 20, 2013 03:40 AM

    How can i create a radius server in Aruba controller so that the user points to raduis server and radius server  further points to external AD server for authentication.

     

    Requirement: Without implementing external firewall or external radius server, The user should get authenticated by  external AD server through internal Radiu server.



  • 2.  RE: How to create internal radius server in Aruba wireless controller.

    EMPLOYEE
    Posted Dec 20, 2013 04:22 AM

    That would be called Termination.  Unfortunately, the only way to authenticate via AD without installing a radius server is using LDAP, but that requires custom software to be installed on each client.  IMHO, it is too complicated:  https://arubanetworkskb.secure.force.com/pkb/articles/HowTo/R-24

     

    It is alot easier to install a radius server:  http://community.arubanetworks.com/t5/Community-Tribal-Knowledge-Base/Step-by-Step-How-to-Configure-Microsoft-NPS-2008-Radius-Server/ta-p/80672

     

     



  • 3.  RE: How to create internal radius server in Aruba wireless controller.

    Posted Dec 20, 2013 07:23 AM

    Thanks for your reply,So by this i understand  that we can add server under LDAP SERVER (Configuration-->Authentication-->Server-->LDAP server ) as radius server which will futher point to the mentioned AD server to get the user's credential ( username and password) authenticated. But for doing all this we need to have certificates on each client(user). Am i going to the right direction?

     

    We are using ArubaOS (MODEL: Aruba3400), Version 3.4.1.1

     

     



  • 4.  RE: How to create internal radius server in Aruba wireless controller.

    Posted Dec 24, 2013 03:09 AM

    Still i am not getting the way to configure Internal Radius server at Aruba wireless controller.

     

    Can you plesse guide how can i configure it.

     

    Regards

    Shubhashish 



  • 5.  RE: How to create internal radius server in Aruba wireless controller.

    Posted Mar 01, 2014 05:17 AM

    not sure how relevant this is for you still. but you dont configure an internal radius server on the radius controller. you terminate the session and then the authentication is done against the LDAP server.

     

    for this you configure an AAA profile with an dot1x profile in which you enable termination and apply a server group with the ldap server in it.

     

    but as cjoseph points out you need a seperate client on the clients (specially windows) to do EAP-PEAP/GTC as that isnt natively supported. it would make things much easier if you can introduce and actual radius server. of course there is Aruba ClearPass which would be great to use. but Microsoft server can use NPS or you could look to some linux based free alternatives, i.e. freeradius.