Wireless Access

Reply
Occasional Contributor II

Clearpass failure

We  will be implening Aruba solution with a pair of 7205 controllers and another with IAP Virtual Controller and  a single Clearpass server.

There will be 3 SSIDs with: 1.Captive portal guest authentication, 2.AD Credentials authentication and 3.Client-Server Certificate authentication.

 

What will be the controllers behaviour if the ClearPass connection is lost? How long will the users stay authenticated in each of the 3 options.

Re: Clearpass failure

The user will be able to still have access until the next wireless roaming event for the mac auth / open SSID
On the IAP you can enable authentication survivability for the PEAP / 802.1x SSID
https://community.arubanetworks.com/t5/Controller-less-WLANs/What-is-Authentication-Survivability-in-IAP-and-how-to-configure/ta-p/178842
But this option only exist on the ArubaOS controller if you are running a 7000 controller as a branch controller and using EAP-TLS
http://www.arubanetworks.com/techdocs/ArubaOS_64x_WebHelp/Content/ArubaFrameStyles/Branch%20Office/Branch_Deploy_features.htm#Authenti

Do you have a clearpass cluster ?
Get Outlook for iOS
Thank you

Victor Fabian
Lead Mobility Engineer @ Integration Partners
AMFX | ACMX | ACDX | ACCX | CWAP | CWDP | CWNA

Re: Clearpass failure

The user will be able to still have access until the next wireless roaming event for the mac auth / open SSID
On the IAP you can enable authentication survivability for the PEAP / 802.1x SSID
https://community.arubanetworks.com/t5/Controller-less-WLANs/What-is-Authentication-Survivability-in-IAP-and-how-to-configure/ta-p/178842
But this option only exist on the ArubaOS controller if you are running a 7000 controller as a branch controller and using EAP-TLS
http://www.arubanetworks.com/techdocs/ArubaOS_64x_WebHelp/Content/ArubaFrameStyles/Branch%20Office/Branch_Deploy_features.htm#Authenti

Do you have a clearpass cluster ?
Get Outlook for iOS
Thank you

Victor Fabian
Lead Mobility Engineer @ Integration Partners
AMFX | ACMX | ACDX | ACCX | CWAP | CWDP | CWNA
Occasional Contributor II

Re: Clearpass failure

Thank you for the below. It is standalone ClearPass Server.

Looking at the Authentication survivability, it seems quite restricted and probably will not help.

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: