Security

last person joined: yesterday 

Enterprise security using ClearPass Policy Management, ClearPass Security Exchange, IntroSpect, VIA, 360 Security Exchange, Extensions and Policy Enforcement Firewall (PEF).
Expand all | Collapse all

AP-303H with Ethernet 1 port authentication against ClearPass

  • 1.  AP-303H with Ethernet 1 port authentication against ClearPass

    Posted Jan 14, 2021 12:27 PM
    We are starting to look at deploying the Aruba AP-303H in Rooms for students.

    Currently every room has an single Ethernet port which is currently managed by ClearPass.

    We would like to authenticate the additional 1 or all 3 of the additional Ethernet ports to authenticate against ClearPass.

    Is this possible and how is it achieved, we are currently using  Software 6.5.3.1 on our WLAN controllers.

    Switches we aim to use this with are the Aruba 2930f, Aruba 2530 or Aruba 2540

    Thanks in anticipation of any replies.

    ------------------------------
    David


    ------------------------------


  • 2.  RE: AP-303H with Ethernet 1 port authentication against ClearPass

    Posted Jan 15, 2021 05:19 AM
    You'd configure a Wired AP Port Profile along with the required AAA Profile for that ethernet on question.

    https://www.arubanetworks.com/techdocs/ArubaOS_801_Web_Help/Content/ArubaFrameStyles/1CommandList/ap_wired_port_profile.htm

    You'd then specify the enet-port-profile within your AP Group.

    e.g

    ap wired-ap-profile "weebox-wiredap"
    wired-ap-enable
    trusted
    switchport mode trunk
    !
    ap wired-port-profile "weebox-wired"
    wired-ap-profile "weebox-wiredap"
    aaa-profile "CPPM"
    !
    ap-group "WiredPort"
    enet1-port-profile "weebox-wired"
    enet2-port-profile "weebox-wired"
    enet3-port-profile "weebox-wired"
    enet4-port-profile "weebox-wired"



    ------------------------------
    Craig Syme
    ------------------------------