For WPA2 Enterprise you should not use password authentication (PEAP-MSCHAPv2 or EAP-TTLS) at all, but rather go for EAP-TLS if you need security or keep your passwords secure.
If you set up an external RADIUS, in most cases it's best to do all authentication to it, both EAP (WPA2/3-Enterprise) and MAC Authentication for Open/PSK networks. But you can select your authentication server per SSID, so work with an external server for Enterprise and internal for other networks.
------------------------------
Herman Robers
------------------------
If you have urgent issues, always contact your Aruba partner, distributor, or Aruba TAC Support. Check
https://www.arubanetworks.com/support-services/contact-support/ for how to contact Aruba TAC. Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.
In case your problem is solved, please invest the time to post a follow-up with the information on how you solved it. Others can benefit from that.
------------------------------
Original Message:
Sent: Oct 12, 2021 06:24 AM
From: Hachirota Hoshino
Subject: Max password length is 31 chars for users (Aruba 515 on OS 8.6....)
Hello everyone, this is my first message.
I would like to setup a Wifi net using WPA2 Enterprise and the internal RADIUS server on a AP-515. When I create a user (Configuration->Security->Users), it says the password length must be less than 32 chars. I would like it to be longer.
Would updating to a newer OS version (8.7, 8.8, ...) solve the problem or would it still be limited to 31?
If it is not possible to have a longer password, would it be possible to have the MAC authentication done by the AP and the user/password authentication done against an external RADIUS server?
Thanks.
------------------------------
Hachirota Hoshino
------------------------------