I'm having troubles with my Aruba Mobility Controller (Ver. Aruba 7220, 184.108.40.206) .
I have a SSID that requires EAP-GTC plugin for authenticate users into this enterprise network, i tried to install EAP-GTC-x64.msi on a Windows 11 machine and after finished the manual configuration of WLAN and try to login with AD credentials, nothing happens. I retried the same procedure on a Windows 10 machine and it seems to work and successfully surf the web. Are there any known issue with EAP-GTC plugin with newer OSs ? Do i need to do a firmware update on my Controller ?
https://support.hpe.com/hpesc/public/docDisplay?docId=a00109949en_us mentions: This software supports 32-bit and 64-bit versions of Windows10. So it's not supported on Windows 11.
You may need to find another EAP-GTC supplicant plugin, or move away from EAP-GTC.
If you authenticate your wireless users to an external RADIUS server, the controller firmware should not be too relevant. ArubaOS 8.3 is already for some time end-of-life, so upgrading may be worth to resolve possible vulnerabilities or bugs, not specific for this question.
Is there another way to use LDAP authentication ?
Thanks for the reply
Don't you have a RADIUS server? Most people are trying to get away from password authentication, and even more from 'plaintext password' authentication like EAP-GTC, where the password is transmitted in an SSL tunnel, but without further encryption, and giving the risk that password is leaked due to insecure client configuration or users ignoring security warnings, and with an actual user LDAP/AD password an attacker may get access to all kind of other resources.
In general the logging on LDAP services is quite poor as well, where with RADIUS (like ClearPass) you can see much better what's going on. If you ask people to install software, it may be better to let them onboard their device with EAP-TLS (certificate) authentication instead.
© Copyright 2023 Hewlett Packard Enterprise Development LPAll Rights Reserved.