Wireless Access

last person joined: yesterday 

Access network design for branch, remote, outdoor and campus locations with Aruba access points, and mobility controllers.
Expand all | Collapse all

RADIUS Authentication

  • 1.  RADIUS Authentication

    Posted Apr 04, 2012 03:17 PM

    Want to setup RADIUS authentication for admin access to the console.  The userguide is not too clear.  Can somebody help?  I added the RADIUS server(s) via the AMP Setup>Authentication page.  Also setup a policy on the RADIUS server. 



  • 2.  RE: RADIUS Authentication

    Posted Apr 04, 2012 04:32 PM

    CJoseph answered this question for someone else several weeks ago.

    Search the Airwave Board for "Radius for management users" and follow his link to  http://support.arubanetworks.com/AirWaveKB/tabid/115/Default.aspx

     

    I followed those instructions and it's working great!

    --Matthew



  • 3.  RE: RADIUS Authentication

    Posted Apr 05, 2012 01:45 AM
      |   view attached

    @msabin wrote:

    CJoseph answered this question for someone else several weeks ago.

    Search the Airwave Board for "Radius for management users" and follow his link to  http://support.arubanetworks.com/AirWaveKB/tabid/115/Default.aspx

     

    I followed those instructions and it's working great!

    --Matthew


    Msabin,

     

    Thanks.  The url structure in the Airwave KB can be a challenge, so i will just attach the doc.

     

     



  • 4.  RE: RADIUS Authentication

    Posted Apr 09, 2012 12:19 PM

    works like a charm...thanks..  what about a setup guide for RADIUS or TACACs for the controllers?



  • 5.  RE: RADIUS Authentication

    Posted Apr 09, 2012 12:30 PM

    Chapter 33 of the ArubaOS 6.1 User guide details management Authentication.  You will find a Step by Step Guide there.

     

     



  • 6.  RE: RADIUS Authentication

    Posted Apr 09, 2012 02:58 PM

    I dont see the server side setup?



  • 7.  RE: RADIUS Authentication

    Posted Apr 09, 2012 03:15 PM

    @RR8 wrote:

    I dont see the server side setup?


    I see below in page 595.  What's on your page 595?

     

    Radius Server Authentication
    Radius Server Username/Password Authentication
    In this example, an external RADIUS server is used to authenticate management users. Upon authentication, users are assigned the default role root.
    In the WebUI
    1. Navigate to the Configuration > Security > Authentication > Servers page.
    2. Select RADIUS Server to display the Radius Server List.
    a. To configure a RADIUS server, enter the name for the server (for example, rad1) and click Add.
    b. Select the name to configure server parameters, such as IP address. Select the Mode checkbox to
    activate the server.
    c. Click Apply.
    3. Select Server Group to display the Server Group list.
    a. Enter the name of the new server group (for example, corp_rad) and click Add.
    b. Select the name to configure the server group.
    c. Under Servers, click New to add a server to the group.

     



  • 8.  RE: RADIUS Authentication

    Posted Apr 09, 2012 03:18 PM

    yes, thats for the controller side.  Any special settings for the Windows Server side?



  • 9.  RE: RADIUS Authentication

    Posted Apr 09, 2012 03:24 PM
      |   view attached

    Ah.  Sorry about that.

     

    I don't see anything very specific, I'm attaching a document that was written for IAS, but details the server side of things, and can be easily ported to NPS.  It is almost identical to the Radius server setup for Airwave that was detailed in the thread above.

     

     



  • 10.  RE: RADIUS Authentication

    Posted Apr 09, 2012 03:25 PM

    great..thats what i was looking for..thanks!



  • 11.  RE: RADIUS Authentication

    Posted Jan 05, 2017 09:24 AM

    Hi,

    is there an information about the attribute values for the Vendor-assigned attribute?

    Or is there another possibility to assign different roles (root, guest-provisioning) on the NPS when used as RADIUS server for management authentication on the controllers?



  • 12.  RE: RADIUS Authentication

    Posted Jan 05, 2017 09:27 AM
    The value would be the role name on the controller / AirWave / IAP, etc


  • 13.  RE: RADIUS Authentication

    Posted Jan 05, 2017 09:33 AM

    So you mean:

    - attribue number = 3

    - attribute format = string

    - attribute value = root / guest-provisioning / ...

     

    ...instead of the values on the picture provided by one of the guides, is that right? That would be quite cool.

     

    Management-Authentication-using-Windows-IAS-as-a-Radius-Server.tiff