Wireless Access

last person joined: 2 days ago 

Access network design for branch, remote, outdoor, and campus locations with HPE Aruba Networking access points and mobility controllers.
Back to discussions
Expand all | Collapse all

Adding a Wireless Printer in Secure Environment

This thread has been viewed 1 times

  • 1.  Adding a Wireless Printer in Secure Environment

    Posted Jul 12, 2017 07:16 PM

    Hello Everyone, 

     

    First I would like to say thanks to all Experts and Gurus on Aruba community for sharing their experience and knowledge. 

     

    I am a Newbie on Aruba Community/Network and have more experience in VoIP domain and currently working for a big enterprise where security is always first . 

     

     As far as wirless network in company its all aruba and  working very well in a secure enviornment with 2 Data Center , DMZ , Master Active/Standby controller and 200 medium and small sites with their local controller present.

     

    I recieved a request from CIO to add his personal wireless printer into the existing network. After spending 1 weeks looking for a solution on Airhead I can't find the right answer. My concern is How I can add a HP wireless printer to a local site with 802.1x enable network which has Certiicate installed everywhere.  

     

    Short Wirelss Design Summary -- 

     

    So Basically, how the traffic is flowing -- When a device get connected to the local site and if its a IPAD,Iphone then it get check through Airwatch and gets certificate/authenticated first. Then it goes to Clearpass and gets a Untrusted role . 

     

    After becoming an Untrusted device , it contact the controller which is in DMZ. There is a secure tunnel from the local controller and the controller in DMZ for every site . from there its get an IP address and

    all the traffic then goes via a tunnel to Internet . 

     

    I tried it doing it one way 

    Creating a Host address list on the Clearpass and create services and roles and mapping. But it never hit the clearpass. As soon as I try to connecting to my Corporate SSID , HP printer shows an Error on screen -- Can't connect to this network because of unsuppored authentication and encryption.

     

    I also thought  trying to do the split tunneling. But because all the sites has local controller present and connected to datacenter where a Master Controller present and controller in DMZ. I dont know it will be good to add another AP  as Remote AP or Coverting an CAP into RAP.

     

    I would really thanks to everyone on the community if you can please give me an idea, how it can be done.

    I am happy to answer all the question in case if you need more information. 



  • 2.  RE: Adding a Wireless Printer in Secure Environment

    Posted Jul 13, 2017 06:00 AM
    This is a key bit of information from your post:

    "HP printer shows an Error on screen -- Can't connect to this network because of unsupported authentication and encryption."

    I'd recommend checking what authentication and encryption is supported before proceeding.