Security

Reply
Frequent Contributor I
Posts: 96
Registered: ‎01-27-2015

Role Assignment for 802.1X Authentication

I created SSID "Kerry" to user for 802.1X authentication

There'is not 802.1x Authentication Default Role filed to choose 

1.PNG

 

2.PNG

 

 

3.PNG

Guru Elite
Posts: 8,466
Registered: ‎09-08-2010

Re: Role Assignment for 802.1X Authentication

Do you have PEFNG licenses installed?


Thanks,
Tim

Tim Cappalli | Aruba Security TME
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
Frequent Contributor I
Posts: 96
Registered: ‎01-27-2015

Re: Role Assignment for 802.1X Authentication

I forgot it !! 

 

 

Thanks,

Frequent Contributor I
Posts: 96
Registered: ‎01-27-2015

Re: Role Assignment for 802.1X Authentication

Hi, TIM

 

If i want to return role From clearpass to Aruba controller

What 's attribute that i should config on both clearpass and controller side ? Is it filter-ID on both side

Guru Elite
Posts: 8,466
Registered: ‎09-08-2010

Re: Role Assignment for 802.1X Authentication

Aruba:Aruba-User-Role


Thanks,
Tim

Tim Cappalli | Aruba Security TME
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
Frequent Contributor I
Posts: 96
Registered: ‎01-27-2015

Re: Role Assignment for 802.1X Authentication

Hi Tim

 

I have last 1 question.

 

Is it possible that user authentication via controller and AD without RADIUS Server ?

I try to test on my lab. There's pop-up on client side for inserting username and password but authentication is failed. For this problem I think, It's because on client support MS-CHAPV2 for authentication but on AD support only GTS

 

What do you think about this case ? and do you have way out for this problem 

Guru Elite
Posts: 21,031
Registered: ‎03-29-2007

Re: Role Assignment for 802.1X Authentication

WPA2-AES Enterprise requires some sort of radius server.  If you don't want to user an external radius server, you can enable termination, MsChapV2, on your controller in the 802.1x profile and change the server group in your AAA profile to "Default" which should have the internal database.  You can then authenticate via 802.1x to users in the internal database on the controller...

 

 



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Search Airheads
Showing results for 
Search instead for 
Did you mean: