Security

Reply
Occasional Contributor II

Setting Called-Station-ID in Authentication Source

I am currently testing a wireless solution that involves our CPPM using an external Authentication Source.

 

Everything is working currently, though the external Auth Source would like us to populate the Called-Station-ID field with an identifier to indicate which site this request has come from (we run a geographically diverse network with centralised wireless and breakout).

 

I currently have different Services (one per site) that segregate Auth requests based on our AP naming schema. These then refer to different Auth Sources configured that have "Radius:IETF Called-Station-ID(30) = <site location>" set as an attribute. Yet the radius request is still only showing the AP MAC address.

 

Does any one have any ideas on how this can be configured?

Guru Elite

Re: Setting Called-Station-ID in Authentication Source

Called Station ID is set by the NAD and cannot be modified in transit.

Tim Cappalli | Aruba Security
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
Occasional Contributor II

Re: Setting Called-Station-ID in Authentication Source

Thanks for the prompt response, is that an IETF limitation? I only ask as the external auth organisation are adamant that this can be done with Cisco controllers.

Guru Elite

Re: Setting Called-Station-ID in Authentication Source

A Cisco controller is a NAD so that makes sense. ClearPass is an authentication server, not a NAD.

tim

Tim Cappalli | Aruba Security
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
Occasional Contributor II

Re: Setting Called-Station-ID in Authentication Source

Many thanks.

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: