09-09-2015 02:47 PM - edited 09-09-2015 02:49 PM
Do you have the PEF-V license for your controller?
Please take a look at the VIA validated reference design.
09-09-2015 02:56 PM
(BOSTON-7010) #show keys Licensed Features ----------------- Feature Status ------- ------ Access Points 4 RF Protect 0 VPN Server Module 4096 xSec Module 0 Next Generation Policy Enforcement Firewall Module 4 Advanced Cryptography 0 RF Protect DISABLED Policy Enforcement Firewall ENABLED VPN Server ENABLED xSec Module DISABLED Policy Enforcement Firewall for VPN users ENABLED Advanced Cryptography DISABLED Maritime Regulatory Domain DISABLED
09-09-2015 03:14 PM
Thank you very much!
I do not have that license.
May you please let me know if the only thing I need to do is to configure the controller as long as I get the license?
09-09-2015 03:16 PM
09-11-2015 05:35 AM
I am going through this currently. In summary you have to:
- Install the license (note you can download an evaluation licenses from aruba if needed) Requires a controller reboot to load.
- Download the Via client for the OS you want to support and upload it to the controller so your users have a place to get the client which would be the controller https://URL/via address.
- The users have to install the VIA client
- You have to configure the controller to support via and the authentication types you want to use. Start with the basics like user auth only EAP-PEAP and then try adding machine authentication and then switch it all over to certificate based authentications. I went down this path and there are little gotchas here and there. 6.5.1 CPPm did not work well with Certs the PCs EAP-TLS but it is suppose to be fixed in the current 6.5.2 release but I have not yet tested.
09-11-2015 06:16 AM
There is a solution for VIA. Only problem I know of is the local user db on the controller not working for VIA auth in 188.8.131.52.