Security

Reply
Occasional Contributor II

Single SSID Onboarding for Controllers Guide

Hey guys, I am looking for the latest step by step guide to setup clearpass onboarding for controllers using a single SSID. 

 

Thanks!

Guru Elite

Re: Single SSID Onboarding for Controllers Guide

There is no specific guide for this. Have you reached out to your Aruba partner?


Tim Cappalli | Aruba Security TME
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
Occasional Contributor II

Re: Single SSID Onboarding for Controllers Guide

Thanks, I am actually the Aruba partner and I'm Clearpass certified, I haven't setup single SSID onboard in a long time and was hoping Aruba had some decent documentation around a generic setup. 

Guru Elite

Re: Single SSID Onboarding for Controllers Guide

Essentially the only configuration that makes it a single SSID Onboard is adding an enforcement rule that checks if the outer method is EAP-PEAP, and if so, put the device into an Onboard enrollment role. You can layer on policy checks for more advanced policies.

 

Keep in mind that all of the security issues around PEAPv0/EAP-MSCHAPv2 still apply with single SSID Onboard during the initial authentication. If your customer is security conscious, I'd recommend dual SSID Onboard.


Tim Cappalli | Aruba Security TME
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
Moderator

Re: Single SSID Onboarding for Controllers Guide

Check out the following ASE solution,

Wireless Onboard w/ Single SSID 

https://ase.arubanetworks.com/solutions/id/34

 

Occasional Contributor II

Re: Single SSID Onboarding for Controllers Guide

Following this ASE, I was able to get single SSID onboarding working as designed. Thanks!

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: