Wireless Access

Reply
New Contributor

EAP-TLS on IAP using Internal Server?

Is it possible to use EAP-TLS in Instants with the internal authentication server (not an external RADIUS server)?

 

I have been trying to get it to work for a while, won't authenticate. Works just fine with PEAP, but not TLS. Any feedback will be most appreciated.

mkk
Contributor II

Re: EAP-TLS on IAP using Internal Server?

No... for eap-tls certificate authentiction you always need a radius server like ClearPass, NPS or other radius server.
mkk
Contributor II

Re: EAP-TLS on IAP using Internal Server?

-removed by user-

Re: EAP-TLS on IAP using Internal Server?

Following the Aruba Instant User Guide (6.5.4.0) this should be supported:

 

EAP-TLS—The EAP-TLS method supports the termination of EAP-TLS security using the internal RADIUS server. The EAP-TLS requires both server and CA certificates installed on the Instant AP. The client certificate is verified on the virtual controller (the client certificate must be signed by a known CA) before the username is verified on the authentication server.

 

 

If you can't make it work with the guidance in the User Guide, you can work with Aruba TAC. An external RADIUS server is recommended though. 

--
If you have urgent issues, please contact your Aruba partner or Aruba TAC (click for contact details).
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: