Security

Reply
Occasional Contributor I
Posts: 7
Registered: ‎09-21-2015

Single SSID Onboarding for Controllers Guide

Hey guys, I am looking for the latest step by step guide to setup clearpass onboarding for controllers using a single SSID. 

 

Thanks!

Guru Elite
Posts: 7,852
Registered: ‎09-08-2010

Re: Single SSID Onboarding for Controllers Guide

There is no specific guide for this. Have you reached out to your Aruba partner?


Tim Cappalli | Aruba ClearPass TME
@timcappalli | ACMX #367 / ACCX #480 / ACEAP / CWSP
Occasional Contributor I
Posts: 7
Registered: ‎09-21-2015

Re: Single SSID Onboarding for Controllers Guide

Thanks, I am actually the Aruba partner and I'm Clearpass certified, I haven't setup single SSID onboard in a long time and was hoping Aruba had some decent documentation around a generic setup. 

Guru Elite
Posts: 7,852
Registered: ‎09-08-2010

Re: Single SSID Onboarding for Controllers Guide

Essentially the only configuration that makes it a single SSID Onboard is adding an enforcement rule that checks if the outer method is EAP-PEAP, and if so, put the device into an Onboard enrollment role. You can layer on policy checks for more advanced policies.

 

Keep in mind that all of the security issues around PEAPv0/EAP-MSCHAPv2 still apply with single SSID Onboard during the initial authentication. If your customer is security conscious, I'd recommend dual SSID Onboard.


Tim Cappalli | Aruba ClearPass TME
@timcappalli | ACMX #367 / ACCX #480 / ACEAP / CWSP
Moderator
Posts: 54
Registered: ‎08-29-2012

Re: Single SSID Onboarding for Controllers Guide

Check out the following ASE solution,

Wireless Onboard w/ Single SSID 

https://ase.arubanetworks.com/solutions/id/34

 

Occasional Contributor I
Posts: 7
Registered: ‎09-21-2015

Re: Single SSID Onboarding for Controllers Guide

Following this ASE, I was able to get single SSID onboarding working as designed. Thanks!

Search Airheads
Showing results for 
Search instead for 
Did you mean: