Security

Reply
Frequent Contributor I

SonicWall SSO and RADIUS Accounting

Hi,

 

We are in the midst of configuring an Aruba solution which utilises a SonicWall appliance to apply policy to AD authenticated users.

It does so by establishing RADIUS Accounting relationships and inspecting the packets for AD usernames which it subsequently lookups against AD.

 

All accounting messages are working between the Clearpass and Aruba controllers, but how can I forward these on to the SonicWall appliance?

 

The Clearpass is correctly authenticating AD users and applying the correct user roles, so am happy that is working as expected.

Any amount of Kudos will be greatly appreciated!!!
MVP

Re: SonicWall SSO and RADIUS Accounting

You can't forward on the RADIUS accounting packets. You can defined multiple RADIUS servers in the server group on the controller but the 2nd server only gets used if the 1st server doesn't respond.

David
ACDX #98 | ACMP | ACCP
Frequent Contributor I

Re: SonicWall SSO and RADIUS Accounting

Hi David,

 

Yeah I managed to find a similar post in the end. We have found a way to achieve this though by having the Sonicwall appliance forward on the RADIUS Accounting messages from the WLCs to the CPPM. Still some testing to do, but on the face of it, all would appear to be working as expected.

 

Thanks again.

Any amount of Kudos will be greatly appreciated!!!
Occasional Contributor I

Re: SonicWall SSO and RADIUS Accounting

Hi,

Wondering if you could share your experiance in here of what configuration you did on Sonicwall or you controllers in order for Sonicwall to see the Wireless users as authenticated users.

Thanks,

 

Frequent Contributor I

Re: SonicWall SSO and RADIUS Accounting

Hi Habibalby,

It's been some time since I worked on this, but I believe we setup the SonicWall as our RADIUS accounting server on the WLC. The SonicWall appliance would then use these accounting packets in its SSO configuration to find the username and state and then forward the accounting packets on to Clearpass. Hope this helps!
Any amount of Kudos will be greatly appreciated!!!
Occasional Contributor I

Re: SonicWall SSO and RADIUS Accounting

Hello,

Thanks for your reply, I have defined our Sonicwall into WLC 5508 as accounting Server, and defined the same configuration in Sonicwall as well, but I can't get it working :)

Regards,

Frequent Contributor I

Re: SonicWall SSO and RADIUS Accounting

Have you tried the suggested configuration as per the link
https://support.software.dell.com/kb/sw11075
Any amount of Kudos will be greatly appreciated!!!
Occasional Contributor I

Re: SonicWall SSO and RADIUS Accounting

Hi,

Yes, I have tried this method  and watched couple of youtube vidoes, but not luck :)  And my configuration it looks the same how it listed in the KB artical.

 

Regards,

 

MVP

Re: SonicWall SSO and RADIUS Accounting

In ArubaOS 6.4 you can define multiple RADIUS accounting servers so this would also get around the problem.

David
ACDX #98 | ACMP | ACCP
Aruba

Re: SonicWall SSO and RADIUS Accounting

What version of cppm?
Thank You,
Troy

--Give Kudos: found something helpful, important, or cool? Click Kudos Star in a post.

--Problem Solved? Click "Accepted Solution" in a post.
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: