Wireless Access

Most of our clients use laptops with Windows 7/8 installed on them. We just had the Aruba wireless AP's, Controllers and ClearPass installed last week and this week we're running into a problem where we have to uncheck "Validate Server Certificate" under properties for the connection for our clients to be able to connect. Doens't seem like a huge deal, except that anytime a clients machine restarts the check mark is there again and we have to go back down and uncheck it again. Times this by 50 teachers and come school time it's going to be a nightmare.

So my question is, do we need to install a certificate on our controller and backup controller, or is this a clientside problem? As of right now I know we do not have a server certificate installed on the controller.

Any advice is appreciated, I'm a Jr. Sys Admin and had this dropped in my lap, so feel free to explain it to me like I'm a five year old.

Thanks!

Joshua

Are the laptops joined to an AD domain?

Yes they are. Users log in using their AD logon.

If these Windows machines are joined to an Active Directory domain, you can create a GPO that configures the wireless profile.

Computer Configuration > Policies > Windows Settings > Security Settings > Wireless Network (802.11) policies.

Be sure you select the Root CA and enter in the names of the RADIUS servers (name that is presented in the cert).

You'll need to look at your RADIUS server cert to get the name of the Root CA and the Common Name of the cert.

I think I get most of that, thank you for the help!

Try taking a look at Aruba's QuickConnect.  It will automate the 802.1x supplicant config on all machines...not just ones joined to the domain.

And where would I find that at? Is that inside of clearpass or a standalone application?

It is a separate application that you configure from Aruba's cloud portal (quick1x.com) and then download the package which you can host on ClearPass for users to access.

It is licensed by total number of users.