Security

Reply
Occasional Contributor II

Multifactor on Aruba CPPM with 802.1X service

Hi,

What is the best approach to setup 2FA to tie up with 802.1X wireless service, 

For example when users are trying to connect to the internal WiFi they are required to type both their AD password and a pin /  token.

 

Guru Elite

Re: Multifactor on Aruba CPPM with 802.1X service

What is your MFA solution? 

 


Tim Cappalli | Aruba Security TME
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
Occasional Contributor II

Re: Multifactor on Aruba CPPM with 802.1X service

We currently don't have any 2FA for the wireless system, the management team for the company I work for now wants me to implement 2FA with the current wireles  system. Hence am exploring which  2FA tool would be the best choice.

 

 

Guru Elite

Re: Multifactor on Aruba CPPM with 802.1X service

Doing password + PIN at the supplicant level provides a very poor user experience and also requires a custom supplicant in many cases.

 

We can support a "sandwich flow" with modern MFA providers like Duo and GoVerifyID. Sandwich meaning, the device connects and based on a timer or expiry, the user is redirected to an MFA challenge in their browser.


Tim Cappalli | Aruba Security TME
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
Occasional Contributor II

Re: Multifactor on Aruba CPPM with 802.1X service

Does it work with Azure multifactor authenticator?

Guru Elite

Re: Multifactor on Aruba CPPM with 802.1X service

You'd have to use the RADIUS based integration with Azure authenticator which would require the custom supplicant. Azure Authenticator does not currently easily support external integration via their API.


Tim Cappalli | Aruba Security TME
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
Occasional Contributor II

Re: Multifactor on Aruba CPPM with 802.1X service

Sure I will investigate using DUO. Thanks.

Guru Elite

Re: Multifactor on Aruba CPPM with 802.1X service

Reach out to your Aruba ClearPass partner. There is a rough how to for Duo.


Tim Cappalli | Aruba Security TME
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: