I've searched in here, as well as some Googling, and have not come up with a solution, so I'm asking.
I'm using FreeRADIUS 3.0.13-9, on CentOS 7.6 as an authentication server for Airwave, WLC administrative access, and 802.1X.
Within FR, I am using peap/mschapv2 using ntlm_auth as the back-end. I also have some post-auth going on, using ldap to poll AD for group memberships (only for NAS-IP belonging to the WLC management IPs and airwave IP).
I have been tasked with creating a BSSID that requires two methods of authentication: MAC and username/password. Any FreeRADIUS gurus, or Airheads that have any suggestions?
You can use mac authentication using the controller's local database to store the mac addresses. : https://community.arubanetworks.com/t5/Controller-Based-WLANs/How-do-I-configure-MAC-based-authentication-on-Aruba/ta-p/182430
I get that. I understand how to do one at a time: MAC or User auth. The question is about how to do both for the same BSSID.
When you add a mac authentication profile to the AAA profile, BOTH are done to the same SSID. The device must pass mac authentication before user authentication.
At Aruba, we believe that the most dynamic customer experiences happen at the Edge. Our mission is to deliver innovative solutions that harness data at the Edge to drive powerful business outcomes.
© Copyright 2020 Hewlett Packard Enterprise Development LPAll Rights Reserved.