08-29-2013 09:53 AM
We are in the midst of configuring an Aruba solution which utilises a SonicWall appliance to apply policy to AD authenticated users.
It does so by establishing RADIUS Accounting relationships and inspecting the packets for AD usernames which it subsequently lookups against AD.
All accounting messages are working between the Clearpass and Aruba controllers, but how can I forward these on to the SonicWall appliance?
The Clearpass is correctly authenticating AD users and applying the correct user roles, so am happy that is working as expected.
09-02-2013 06:29 AM
You can't forward on the RADIUS accounting packets. You can defined multiple RADIUS servers in the server group on the controller but the 2nd server only gets used if the 1st server doesn't respond.
ACDX #98 | ACMP | ACCP
09-03-2013 12:36 AM
Yeah I managed to find a similar post in the end. We have found a way to achieve this though by having the Sonicwall appliance forward on the RADIUS Accounting messages from the WLCs to the CPPM. Still some testing to do, but on the face of it, all would appear to be working as expected.
06-18-2015 11:09 PM
Wondering if you could share your experiance in here of what configuration you did on Sonicwall or you controllers in order for Sonicwall to see the Wireless users as authenticated users.
06-18-2015 11:29 PM
It's been some time since I worked on this, but I believe we setup the SonicWall as our RADIUS accounting server on the WLC. The SonicWall appliance would then use these accounting packets in its SSO configuration to find the username and state and then forward the accounting packets on to Clearpass. Hope this helps!
06-18-2015 11:34 PM
Thanks for your reply, I have defined our Sonicwall into WLC 5508 as accounting Server, and defined the same configuration in Sonicwall as well, but I can't get it working :)
06-19-2015 08:04 AM
--Give Kudos: found something helpful, important, or cool? Click Kudos Star in a post.
--Problem Solved? Click "Accepted Solution" in a post.