02-24-2016 12:42 PM
I am trying to onboard a Windows 7 laptop (not domain joined). I have created a basic profile, config set, etc, and I can get the onboard wizard to run. After the wizard runs, I can see a certificate has been generated in the Onboard admin page.
My challenge is, how do I use it? As far as I can see, the only thing the Onboard wizard did was install the root CA and radius server cert, then configure an 802.1x user profile using password authentication. What I want is for the laptop to just authenticate itself to the network, pre-login, using the generated certificate.
Can anyone point me in the right direction?
Solved! Go to Solution.
02-24-2016 01:16 PM
So, two crucial things you will have to do:
- under Onboard> Configuration> Network Settings> Authentication, you need to make sure that under Windows Authentication, Certificate Store is set to "Machine".
- Under Onboard> Configuratoin> Network Settings> Access, you need to configure the Name Parameter (this is just a friendly name for the Profile and not the SSID), make sure security type is "Enterprise 802.1x", make sure the Security Version is WPA2 with AES, and Make sure the SSID is the network you want it to connect to.
Those are just two crucial things to do what you said, it obviously takes more to make it work, but I was just answering your question...
Aruba Customer Engineering
Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base
Validated Reference Design Guides : http://community.arubanetworks.com/t5/Validated-Reference-Design/tkb-p/Aruba-VRDs
02-24-2016 03:31 PM
The problem was that the default Windows EAP protocol is PEAP. I had to change that to TLS first to get the Windows Authentication option to appear.