Wireless Access

Hi Forum,

 

I don't have any experience with OneLogin and want to ask if the aruba controller is able to integrate with OneLogin as a Radius or auth server? without ClearPass in the play.

 

Thanks,

If it is a normal RADIUS server, yes.

Thanks Tim. not sure what you mean by "normal".

 

it is a radius server that is a cloud based.

Yes should work then. Question is do you really want your management
authentication in the cloud? :)

were you able to get it working?

Tim, how can I do that?

Looks like AIs support only PEAP-GTC and PEAP-MSCHAPv2, but onelogin supports only PAP or EAP-TTLS/PAP

Are there any possibilities to get EAP-TTLS/PAP working on AIs?

You need to use a RADIUS server. The APs are EAP-agnostic.

OneLogin have Radius server onboard, but it only supports PAP and EAP-TTLS/PAP => doesn't work with AIs

https://onelogin.zendesk.com/hc/en-us/articles/202361670

Instant is EAP-agnostic, it should work if you define OneLogin as the radius server.

But it doesn't

Same for me as described here:

http://community.arubanetworks.com/t5/Aruba-Instant-Cloud-Wi-Fi/IAP-225-Radius-Server-OneLogin/m-p/264394#M14111

Most devices do not support EAP-TTLS without a configuration profile or custom supplicant. What type of device are you testing with?

Tim, that means protocol is defined on client? Cool, I'll check on Monday

Tim, I checked it today, everything is working perfect.

For Mac OS X I used Apple Configurator 2 to create profile for EAP-TTLS/PAP, then it can be easily applied to all laptops.

Not tried, but it should work out of the box with Linux, Android and modern versions of Windows (8+).

Thank you very much!