Hi,
I am now working on implementing aruba clear pass with alcaltel switch.
earlier we had done all the configs using free radius soft.
I need to keep my old radius server as authentication source . but want to pass the authentication control from free radius to aruba clear pass.
I have refreed to this below metioned video-->
https://www.youtube.com/watch?v=GWgfHCkDHMM
I beleive the above mentioned youtube tutorial was dedicated for dynamic vlan scenario. but i need the configuration for static vlan scenario.
I am attching my configurations done in authentication server...
###########################################
Authentications server IP:135.249.47.251
key:alcatel123
o/p of client.conf file in radius server
++++++++++++++++++++++++++++++
[root@pc-012 raddb]# cat clients.conf
client 135.249.41.194{
secret = alcatel123
login = polclient1
shortname = private-network-1
}
o/p of supplicant.conf file
+++++++++++++++++++++++++++++
auth_period = 150
network_list = all
identity = poluser3
default_netname = default
allow_types = all
eap-md5 {
username = poluser3
password = "1234567"
}
o/p of users file from radius server
+++++++++++++++++++++++++++++++++++
[root@pc-012 raddb]# pwd
/usr/local/etc/raddb
[root@pc-012 raddb]# !cat
cat users
# Fall-Through = Yes
#####Radius Auth CLI Users
poluser1 Cleartext-Password := "password1!"
SUPERUSER Cleartext-Password := "POL#150"
---------------------------------------------------
# On no match, the user is denied access.
peersheik Cleartext-Password := "1234567"
Service-Type = Framed-User,
Framed-IP-Address = 135.249.41.194,
Framed-IP-Netmask = 255.255.255.0,
Framed-MTU = 1500,
# Session-Timeout = 40
--------------------------------------------------
---------------------------------------------------
# On no match, the user is denied access.
polclient1 Cleartext-Password := "1234567"
Service-Type = Framed-User,
Framed-IP-Address = 135.249.41.194,
Framed-IP-Netmask = 255.255.255.0,
Framed-MTU = 1500,
# Session-Timeout = 40
--------------------------------------------------
---------------------------------------------------
configurations done in switch-(authentication client) : 135.249.41.194
###############################
configure system security radius auth-server RADAuthServ1 router-instance base ip-address 135.249.47.251 secret plain:alcatel123 timeout-limit 5
configure system security radius acc-server RADAccServ1 router-instance base ip-address 135.249.47.251 secret plain:alcatel123
configure system security radius dyn-auth-client RADAuthServ1 router-instance base ip-address 135.249.47.251 secret plain:alcatel123
configure system security radius policy RADPol23 nas-id MyNASID nas-ip-address 135.249.41.194
configure system security radius policy RADPol23 servers 2 auth-server name:RADAuthServ1 auth-router-inst base priority 162 acc-server name:RADAccServ1
configure system security domain alcatel.com authenticator radius:RADPol23
configure system security conn-profile Profile_1 version 1 domain-name alcatel.com reject-inv-domain
configure system security conn-policy conn-profile-name Profile_1
configure system security pae port-access
clear pass server details:
###############################
Managemntport Ip address->135.249.43.111/24
Data/External Port->