Wireless Access

Reply
Frequent Contributor I
Posts: 70
Registered: ‎01-03-2013

External AAA Server Integration with Aruba Controller

[ Edited ]

Hi,

 

Could anybody please confirm if there is a possibility of integrating an external AAA server with aruba controller?

 

If yes then please guide where and what needs to be done on the controller and the external server?  

 

We are using IBSng II AAA system for existing wired users and now would like to use the same for wireless users. You can find more details about the product at the link below.

 

http://www.parspooyesh.com/en/products/ibsng-ii

 

 

Any help would be much appreciated.

 

Thanks.

 

MVP
Posts: 4,309
Registered: ‎07-20-2011

Re: External AAA Server Integration with Aruba Controller

Yes you should be able to tied to an external AAA server .

How are authenticating these users ?
Thank you

Victor Fabian
Lead Mobility Engineer @ Integration Partners
AMFX | ACMX | ACDX | ACCX | CWAP | CWDP | CWNA
Frequent Contributor I
Posts: 70
Registered: ‎01-03-2013

Re: External AAA Server Integration with Aruba Controller

Thanks for the response victorfabian.

 

Authentication process involves creating user credentials (and desired policies) in the AAA server first and when user tries to browse any webpage, it asks for user input for authentication (like controller's captive portal).  

 

MVP
Posts: 520
Registered: ‎05-11-2011

Re: External AAA Server Integration with Aruba Controller

It seems that server supports Radius. You should be able to solve this using a setup with controller as captive portal using that AAA server as backend authentication server.

 

Assuming you working setup with Controller as captive portal with auth server group = default/internal. Then you proceed with this setup:

 

1. Create the Auth Server and Server Group pointing towards your AAA server (note the shared secret you use)

2. Change your L3 Captive Portal Profile to use this new AAA Server Group as Server Group

3. On your AAA create the Controller as Radius Device/Client (same shared secret)

 

That should more or less do what you seek - since it seems not to be a requirement to use the AAA server for web authentication.


Regards
John Solberg

-ACMX #316 :: ACCP-
Intelecom - Norway
----------------------------
Remember to Kudo if a post helped you! || Problem Solved? Click "Accept as Solution" in a post!
MVP
Posts: 4,309
Registered: ‎07-20-2011

Re: External AAA Server Integration with Aruba Controller

In addition to jsolb post make sure you enabled radius accounting (controller and server) and enabled CoA on both sides as well.

 

Once you create the Captive portal L3 profile you will have to assign it to the initial role on your AAA profile that jsolb suggested.

Thank you

Victor Fabian
Lead Mobility Engineer @ Integration Partners
AMFX | ACMX | ACDX | ACCX | CWAP | CWDP | CWNA
Search Airheads
Showing results for 
Search instead for 
Did you mean: