11-19-2011 05:19 PM
I want to ask a stupid question.
Now wireless users visit the newworks through the 802.1x authentication. Aruba AC3000 is as the 802.1x authenticator device,and the authentication server is an external windows AD control
Now I want make the wireless user (windowns7 notebook) to use certificates for authentication. I should install the certificate in the notebook and in the windows AD server .
In the case,Do I need to install or import any certificate into the Aruba AC ?:manhappy:
In adition , under what circumstances does the Aruba AC need to install the certificate ?
Thank you very much
11-19-2011 07:16 PM
Most typically the Radius server in the authentication chain is where the certificate resides in the 802.1x network.
By default, the Aruba controller passes 802.1x traffic through to the AAA server, and thus does not require a certificate.
The Aruba controller can ALSO be configured to 'terminate' EAP-PEAP and EAP-TLS transactions, in which case it would need to have the 'server side' of the certificate requirements met.
How do you have your controller configured at present under 802.1x authentication profile ?
11-23-2011 11:13 PM - edited 11-23-2011 11:20 PM
When the Aruba controller passes 802.1x traffic through to the AAA server, If the client still want to" use certificate" , is the certificate only depend on the radius server ,such as a windows IAS ?
So in the case, Can I consider that, I dont need to import or export any certificate in Aruba controller , but the certificate between wireless clinet-side and windows IAS should be create ?
Thank you ~