Network Management

last person joined: 2 days ago 

Keep an informative eye on your network with IMC and AirWave network management solutions.
Expand all | Collapse all

Airwave Management using NPS

Jump to Best Answer
  • 1.  Airwave Management using NPS

    Posted Nov 20, 2011 07:19 PM

    So, I have been fighting with this for about a week now.  The problem; I am unable to get NPS authentication to work for both Airwave and the Aruba controller.  I can get one or the other to work, but not both at the same time.

     

    We have been using a filter ID for management user login on the Aruba controller.  When Administrator is returned from NPS, users get root access and when employee is returned, users get guest provisioning access.  That works great.

     

    Now, I can get management user authentication to work with Airwave when I have configured the NPS in Airwave, client on the NPS, PAP and Vendor Specific 14823 #4 String Admin.  However, this breaks the management access in Aruba.

     

    So, the question, has anybody gotten both to work at the same time and, if so, how did you do it?  I have tried creating seperate network policies on the NPS with no success.



  • 2.  RE: Airwave Management using NPS

    Posted Nov 21, 2011 05:48 AM

    Hi Jeremy,

     

    For controllers the Admin access have role 'root'. In Airwave the admin access role is 'Admin'. So for management users when you create users on NPS and have them fall in 'root' role will give you access to controller but not Airwave. Same if you create the users with 'Admin' role on NPS, the management users will not be able to access controller. The solution is to have same role on both the devices. On Airwave create a new role called 'root' from System > Roles and give that role Administrator access. Now in NPS set the role to be returned as 'root' from management users, now they will be able to log into controller and Airwave with role 'root' who has admin access to both the devices.



  • 3.  RE: Airwave Management using NPS

    Posted Nov 22, 2011 11:08 AM

    Thanks for your reply.

     

    The way things are configured now, NPS doesn't provide anything to the Aruba controller except a filter-id.  Them I have a server rule in the management server group that I created that, depending upon the filter-id, the user will get a role on the controller.  In this case, if the filter-id is administrator, the user gets root.  If the filter-id is employee, the user gets guest-provisioning.  So, NPS isn't returninig a role, per se, just the filter-id.

     

    Now, with Airwave, I understand that we have to use the vendor specific 14823 #4 String Admin (or whatever role) to get management access (with appropriate role).  If I understand what you are saying, there must be a way to use that same vendor specific attribute in the Aruba controller for managment access.

     

    Am I way off base?



  • 4.  RE: Airwave Management using NPS
    Best Answer

    Posted Nov 22, 2011 11:20 AM

    You add that Vendor-Specific attribute (root for example) to the same remote access policy that you use for the Aruba Controller.  It will send the filter-id attribute, as well as the vendor-specific (root) attribute for Airwave, so that you can re-use it for both.



  • 5.  RE: Airwave Management using NPS

    Posted Nov 23, 2011 05:00 PM

    looks like it is working now.  Thanks guys!



  • 6.  RE: Airwave Management using NPS

    Posted Feb 13, 2012 06:57 AM

    Guys,

     

    i'm currently trying to get this to work and I'm having issues. I've got the multi-purpose access policy defined in IAS but when I authenticate on the AirWave with valid credentials it just returns the login screen again and there's nothing showing in the IAS event viewer to indicate an authentication request was ever sent. However if i use login credentials I know not to be valid the event viewer returns an failed authentication error message. Aruba admin login still works!

     

    Any ideas



  • 7.  RE: Airwave Management using NPS

    Posted Feb 13, 2012 07:01 AM

    Please go to the link here:  http://support.arubanetworks.com/AirWaveKB/tabid/115/Default.aspx

     

    Search for Management Authentication.



  • 8.  RE: Airwave Management using NPS

    Posted Jun 29, 2016 01:03 PM

    Broked link, please put a link in youtube how to do it NPS-Airwave auth :)



  • 9.  RE: Airwave Management using NPS

    Posted Jun 29, 2016 01:33 PM