Security

Reply
Occasional Contributor I
Posts: 8
Registered: ‎08-21-2014

Policies

Hi guys! I really need your help. I use 651 controller in corporation. Sofrware version is 6.3.1.8.

My situations:

1) I can not include LDAP server to the controller;

2) How to deny access to everywhere for users from Guest SSID except HTTP/HTTPS?

 

I would be glad for your answers.

Guru Elite
Posts: 21,258
Registered: ‎03-29-2007

Re: Policies

1.  Did you already setup an LDAP server?  If not, instructions on how to set it up is here:  http://www.arubanetworks.com/techdocs/ArubaOS_64x_WebHelp/Web_Help_Index.htm#ArubaFrameStyles/AAA_Servers/Configuring_Servers.htm#aaa_servers_3503549366_1078934

2.  How to configure firewall polcies is here:  http://www.arubanetworks.com/techdocs/ArubaOS_64x_WebHelp/Web_Help_Index.htm#ArubaFrameStyles/Firewall_Roles/Policies.htm

 

I hope that helps.



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Occasional Contributor I
Posts: 8
Registered: ‎08-21-2014

Re: Policies

Hi, Colin!

For LDAP, yes I did the manual in the help, but may be I read it with somemistakes))

This is my conf. screen. Is there everything right?


after this configuration in AAA Test server i got next errors. When I check with MSCHAPv2: Internal Error: Invalid response (-1);

when I click PAP: Authentication server out of service error accurs;

 

I have tried to write with my domain name, the same errors.

 

About policies - thank you! I did what I wanted.

 

Guru Elite
Posts: 21,258
Registered: ‎03-29-2007

Re: Policies

Are you trying to use encryption with your clients?

 

 

 



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Occasional Contributor I
Posts: 8
Registered: ‎08-21-2014

Re: Policies

Dear Colin,

 

I really dont want but I have to choose between two enryption types)

Guru Elite
Posts: 21,258
Registered: ‎03-29-2007

Re: Policies

Don't bother with LDAP.  To use LDAP with encryption, you need to use a custom supplicant on all of your devices.  It is also not as flexibile as radius, harder to troubleshoot and is not the standard for wireless encrytion.  If you have a domain, I would use the instructions on how to configure Windows NPS here:  http://community.arubanetworks.com/t5/ArubaOS-and-Controllers/Step-by-Step-How-to-Configure-Microsoft-NPS-2008-Radius-Server/m-p/14392/highlight/true#M6113



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Occasional Contributor I
Posts: 8
Registered: ‎08-21-2014

Re: Policies

Hi! Sorry for updating so late.

Thanks a lot for your book, we created RADIUS server and everything is good!

Search Airheads
Showing results for 
Search instead for 
Did you mean: