03-24-2012 06:12 PM
I have an existing SSID that uses WPA2-AES auth/encryption. I want to setup 802.1x auth, would it be best to set this up on the existing SSID or create a new SSID?
If I set it on the existing, the devices will not be able to connect until the option in wireless setup for PEAP/EAP is set correct?
Solved! Go to Solution.
03-24-2012 06:18 PM
You are correct.
You would need a seperate SSID profile that uses WPA2-Enterprise instead of WPA2-PSK (that you currently have). The setting in the Aruba Controller's SSID profile of just 'WPA2' would indicate a WPA2-Enterprise network driven in the background using 802.1x.
The "SSID PROFILE" is what is used to set which mode (pre-shared or dynamic) credentials are to be used...in a given WLAN network (SSID) therefore it's one or the other...not both simultaneously.
When conversions like this happen its common to run the old service and the new service in parallel. I would recommend the use of Airwave then to run reports per-SSID to see how the users are 'migrating' naturally over to the new network.
03-24-2012 06:21 PM
Small point of clarity...
When is said "When conversions like this happen its common to run the old service and the new service in parallel."
I simply mean two SSIDs on the same network ;-) one PSK one 802.1x driven.
03-25-2012 06:22 AM
The best way would be group policy, but you should test to make sure that a single client works first and then you can deploy the group policy to your clients.
There is an article on Group Policy here http://community.arubanetworks.com/t5/Command-of-the-Day/COTD-How-to-create-a-Wireless-Group-Policy-on-Windows-2008/m-p/11768/highlight/true#M315
Aruba Customer Engineering
Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base