Security

last person joined: yesterday 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

OnBoarding with "legacy APs"

This thread has been viewed 2 times

  • 1.  OnBoarding with "legacy APs"

    Posted Feb 20, 2017 07:33 AM

    Hey,

     

    I'm planning to Setup a ClearPass OnBoarding enviroment. The customer already got APs and only want to buy additional Aruba APs.

     

    In the locations where they have the "legacy APs", we like to add one Aruba AP for doing the onbording. The old APs dont support external captive portal nor RADIUS commands.

     

    After onboarding via the Aruba AP the old APs should authenticate against ClearPass via EAP-TLS.

     

    There will be no roaming for sure, but do you guys see issues I dont think about?

     

    Greets



  • 2.  RE: OnBoarding with "legacy APs"
    Best Answer

    EMPLOYEE
    Posted Feb 20, 2017 03:57 PM

    I think that should work. In fact, for Onboarding the only thing you need is IP connectivity to the ClearPass server. You can, if that is possible do that over the guest network (if you also deployed ClearPass Guest), or even over the existing corporate WLAN (or wired network, or even via the public internet if you make ClearPass internet accessible), if you can assign access to (only) the ClearPass server by VLAN assignment or other ways.