Security

 View Only
last person joined: 9 hours ago 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Expand all | Collapse all

override username in Aruba controller from ClearPass

This thread has been viewed 16 times
  • 1.  override username in Aruba controller from ClearPass

    Posted Mar 03, 2014 11:10 AM

    I saw this thread about how to set the username instead of the MAC for mac auth:

    http://community.arubanetworks.com/t5/AAA-NAC-Guest-Access-BYOD/How-to-return-username-MAC-auth/td-p/138541

     

    can something similar be done for other authentication methods, i.e. EAP-PEAP / EAP-TLS? or wont it work there?



  • 2.  RE: override username in Aruba controller from ClearPass

    EMPLOYEE
    Posted Mar 03, 2014 01:44 PM

    I believe a similar process could work although I've never tested it.  I know this post and have seen how it works so it would lead me to believe that it might be possible



  • 3.  RE: override username in Aruba controller from ClearPass

    Posted Mar 03, 2014 01:48 PM

    well i tried and it didn't :) so now im wondering if i do something wrong or if it isnt possible. i can imagine that the proces for dot1x is different and the controller will just not accept it.

     

    any chance anyone else could try?



  • 4.  RE: override username in Aruba controller from ClearPass

    EMPLOYEE
    Posted Mar 03, 2014 01:53 PM

    I just tried it with PEAP and the controller does not show the overridden username.

     

    overriden-un.PNG

     

    username-override-peap.png



  • 5.  RE: override username in Aruba controller from ClearPass

    EMPLOYEE
    Posted Mar 03, 2014 01:54 PM

    Going back and thinking a bit, there isn't a IETF "username" in a mac auth SSID so perhaps this cannot be overriden. 



  • 6.  RE: override username in Aruba controller from ClearPass

    EMPLOYEE
    Posted Sep 03, 2024 05:16 PM

    Dusting off a very old thread. I was just testing today on 8.12.0.2, and had the same issue. If you uncheck "Set username from dhcp option 12" in your AAA profile, then you can send a username from ClearPass -> the controller with MAC Auth at least.