Wireless Access

Reply
Occasional Contributor I
Posts: 7
Registered: ‎01-09-2014

One SSID for multiple authentication types

Afternoon,

 

I am curious if the following is possible... I want to reduce my network from having 3 SSID (Open, Radius, Certificate) to just 1. Below is my current setup.

 

SSID: Onboarding (Open)

Purpose: Users can connect to Onboarding and they are re-directed to our Onboarding solution which provides them with a certificate based connection.

 

SSID: Domain (Domain based Auth with Clearpass/Windows Radius)

Purpose: Company own machines are connected to the wireless via domain based authenication.

 

SSID: Student (Certificated based Auth, CloudPath)

Purpose: Devices which have done through the onboarding procedure.

 

I would love to reduce these down to just 1 SSID which does eerything... does anyone know if that is possible? 

Guru Elite
Posts: 20,819
Registered: ‎03-29-2007

Re: One SSID for multiple authentication types

You can probably reduce it to two.  An SSID can be shared by devices that have the same encryption.  You can have and (1) Open SSID and a (2) WPA2-AES SSID with PEAP and EAP-TLS.  For the 2nd SSID, you can configure ClearPass to use multiple authentication types and then sort it out with rules:

types.png

That is in general.  The specifics of what you are trying to do will require some logic in terms of Roles in ClearPass and Enforcement Policies/Profiles.



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Search Airheads
Showing results for 
Search instead for 
Did you mean: