Wireless Access

last person joined: yesterday 

Access network design for branch, remote, outdoor, and campus locations with HPE Aruba Networking access points and mobility controllers.
Back to discussions
Expand all | Collapse all

Integration of 2-Factor Authentication to work with AMP

This thread has been viewed 0 times

  • 1.  Integration of 2-Factor Authentication to work with AMP

    Posted Sep 05, 2012 01:53 PM

    I am working on integrating a 2-factor authentication solution to work with AMP. In our setup AMP is configured to send authentication requests (user login) to a RADIUS server which then proxies to 2-factor server. On the AMP login page a user enters their username and for the password they enter a randomly generated password and pin from a token. The process of proxying to the external server seems to be working as the external 2-factor server and local RADIUS server all indicate a "access granted" but AMP indicates "login failure."  Anyone ever run into this issue before or have any ideas how to resolve this issue.

     



  • 2.  RE: Integration of 2-Factor Authentication to work with AMP
    Best Answer

    EMPLOYEE
    Posted Sep 05, 2012 02:15 PM

    If you are doing this over radius, you must also return the aruba-admin-role attribute, otherwise it will fail.  See the document here:  http://na2.salesforce.com/servlet/servlet.FileDownloadPkb?file=00P40000007WQi6&orgId=00D3000000008G4&pPid=50140000000apnL on how to setup the vendor specific attribute required for Airwave Authentication.

     



  • 3.  RE: Integration of 2-Factor Authentication to work with AMP

    Posted Sep 07, 2012 08:53 AM

    Thanks, that is what the problem was. I had the local RADIUS server set to return the aruba-admin-role attribute but the externel RADIUS server that was proxied for the actual authentication was not.