Aruba Apps

 View Only
  • 1.  Issue on Aruba Mobility Controller

    Posted Jul 05, 2023 12:34 PM

    Hi folks,

    I'm having troubles with my Aruba Mobility Controller (Ver. Aruba 7220, 8.3.0.11) .

    I have a SSID that requires EAP-GTC plugin for authenticate users into this enterprise network, i tried to install EAP-GTC-x64.msi on a Windows 11 machine and after finished the manual configuration of WLAN and try to login with AD credentials, nothing happens. I retried the same procedure on a Windows 10 machine and it seems to work and successfully surf the web. Are there any known issue with EAP-GTC plugin with newer OSs ? Do i need to do a firmware update on my Controller ? 



    ------------------------------

    ------------------------------


  • 2.  RE: Issue on Aruba Mobility Controller

    Posted Jul 06, 2023 05:48 AM

    https://support.hpe.com/hpesc/public/docDisplay?docId=a00109949en_us mentions: This software supports 32-bit and 64-bit versions of Windows10. So it's not supported on Windows 11.

    You may need to find another EAP-GTC supplicant plugin, or move away from EAP-GTC.

    If you authenticate your wireless users to an external RADIUS server, the controller firmware should not be too relevant. ArubaOS 8.3 is already for some time end-of-life, so upgrading may be worth to resolve possible vulnerabilities or bugs, not specific for this question.



    ------------------------------
    Herman Robers
    ------------------------
    If you have urgent issues, always contact your Aruba partner, distributor, or Aruba TAC Support. Check https://www.arubanetworks.com/support-services/contact-support/ for how to contact Aruba TAC. Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.

    In case your problem is solved, please invest the time to post a follow-up with the information on how you solved it. Others can benefit from that.
    ------------------------------



  • 3.  RE: Issue on Aruba Mobility Controller

    Posted Jul 06, 2023 06:34 AM

    Is there another way to use LDAP authentication ?

    Thanks for the reply




  • 4.  RE: Issue on Aruba Mobility Controller

    Posted Jul 07, 2023 07:29 AM

    Don't you have a RADIUS server? Most people are trying to get away from password authentication, and even more from 'plaintext password' authentication like EAP-GTC, where the password is transmitted in an SSL tunnel, but without further encryption, and giving the risk that password is leaked due to insecure client configuration or users ignoring security warnings, and with an actual user LDAP/AD password an attacker may get access to all kind of other resources.

    In general the logging on LDAP services is quite poor as well, where with RADIUS (like ClearPass) you can see much better what's going on. If you ask people to install software, it may be better to let them onboard their device with EAP-TLS (certificate) authentication instead.



    ------------------------------
    Herman Robers
    ------------------------
    If you have urgent issues, always contact your Aruba partner, distributor, or Aruba TAC Support. Check https://www.arubanetworks.com/support-services/contact-support/ for how to contact Aruba TAC. Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.

    In case your problem is solved, please invest the time to post a follow-up with the information on how you solved it. Others can benefit from that.
    ------------------------------