Security

last person joined: 21 hours ago 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

certificate in controller Vs RADIUS configuration

This thread has been viewed 0 times

  • 1.  certificate in controller Vs RADIUS configuration

    Posted Jun 29, 2014 01:33 PM

    Hi,

     

    We use WPA2 with AES and authentication is PEAP, microsot NPS as RADIUS and certificate is installed in RADIUS, connection terminates in RADIUS server. Could somone explain the difference in having connection terminates in controller vs a configuration where connection terminatesin RADIUS server, which is better and easy.

     

     

    Thanks

     



  • 2.  RE: certificate in controller Vs RADIUS configuration

    EMPLOYEE
    Posted Jun 29, 2014 02:22 PM
    You should use NPS. Termination is easier in smaller deployments but offers less flexibility.


  • 3.  RE: certificate in controller Vs RADIUS configuration

    Posted Jun 29, 2014 02:27 PM

    Thank you, could you explain more about flexibility, advantage in controller termination.

     

     



  • 4.  RE: certificate in controller Vs RADIUS configuration
    Best Answer

    Posted Jun 29, 2014 02:39 PM
    Termination can allow the controller to handle the EAP portion of the authentication for situations where a standard compliant radius server isn't available. I believe you can use this in a situation where perhaps you wanted to do LDAP based auth and still need something to handle EAP. As it's already been said, there is really no advantage when you have NPS already running.


  • 5.  RE: certificate in controller Vs RADIUS configuration
    Best Answer

    EMPLOYEE
    Posted Jun 29, 2014 02:49 PM
    Many times EAP termination requires you to install a supplicant on the client. Most environments use a RADIUS server like NPS/IAS or ClearPass