Cloud Managed Networks

 View Only
last person joined: 2 days ago 

Forum to discuss all things related to HPE Aruba Networking Central and UXI Network Management, including deployment of managed networks, configuration, best practices, APIs, Cloud Guest, AIOps, Presence Analytics, and other included Applications
Back to discussions
Expand all | Collapse all

Machine authentification without Clearpass

This thread has been viewed 5 times

  • 1.  Machine authentification without Clearpass

    Posted Feb 29, 2020 10:45 AM

    Hi, does anyone know if it is possible to configure machine authentification with only Instant APs/VCs and Active Directory? There is no Clearpass involved.



  • 2.  RE: Machine authentification without Clearpass

    EMPLOYEE
    Posted Mar 02, 2020 04:28 AM

    You will need a RADIUS server that is integrated with your Active Directory to do Machine Authentication.

     

    ClearPass is the easy way, but people use Microsoft NPS as well.



  • 3.  RE: Machine authentification without Clearpass

    Posted Mar 02, 2020 08:56 AM

    Thank you.

     

    I searched throughly in Instant's User Guide but didn't find anything on how to setup machine authentication.

     

    Where could this information/procedure be found?



  • 4.  RE: Machine authentification without Clearpass

    EMPLOYEE
    Posted Mar 02, 2020 09:15 AM

    Ah, that is something you configure on the client and on the RADIUS server.

     

    On the client, it is in the 802.1X authentication:

    Screen Shot 2020-03-02 at 15.10.59.png

    There under Advanced settings if you select Computer Authentication, the client will use the computer account to authenticate.

     

    The RADIUS server should accept computer authentication (I think NPS doesn't by default), and if you only want computer authentication it should reject users during authentication.

     

    There is nothing to configure on the AP.