07-04-2014 10:28 AM
I have setup with Aruba 7200 controller, CPPM as a policy manager, AP 135 & LDAP 2008
I want to provide wireless access to user using WPA2-PSK + AES + mac auth
Kindly suggest the configuration with less administration.
Solved! Go to Solution.
07-04-2014 06:20 PM
Do you have an existing database of MAC addresses that you want to authenticate?
Do you want users to have to register?
Why not use 802.1X?
07-04-2014 07:07 PM
What are you trying to accomplish?
We have different software project team & they want to test software on there handheld device using wireless network.
So i will provide them common pre-shared key & for security i will use mac authentication.
No. i dont hv mac address database.
As per my setup i am using CPPM as a policy manager. So user can not register. am i right?
Why not use 802.1X?
Software project & users always changing but device is common & its difficult to change frequently in AD for network engineer.
AD user database is maintained by System Admin.
07-07-2014 05:24 AM
With MAC authentication, you need a source/list of MAC addresses. Where will you have this list? Will users register themselves?
07-07-2014 03:13 PM
I have mac address list in excel file. If if go for static host entry then i will manually add those mac in static host profile.
If i require to make them "Known" in endpoint repositery, i will do that manually.
I hv configured the ssid with wpa2-psk +aes and mac auth & in cpppm i hv configured mac based auth service. i am able to get request in cppm. Access tracker showing user rejected cause i hv nt added user in static host list but user is able to get IP address.
User must not get IP untill an unless added in static host list.
07-07-2014 03:17 PM
07-07-2014 03:24 PM
around 250 mac.
but i hv other 3 ssid i am using AD authentication + mac auth using endpoint repositery.
I think that will be complex for me to find mac address with respective ssid in endpoint.
07-07-2014 03:38 PM
You'd want to do something like your other post. Add a custom attribute and then tag those endpoints with that attribute.
You can use this guide to get you started. It's a similar scenario: