Cloud Managed Networks

Reply
Highlighted
Contributor II

Machine authentification without Clearpass

Hi, does anyone know if it is possible to configure machine authentification with only Instant APs/VCs and Active Directory? There is no Clearpass involved.

Highlighted
MVP Guru

Re: Machine authentification without Clearpass

You will need a RADIUS server that is integrated with your Active Directory to do Machine Authentication.

 

ClearPass is the easy way, but people use Microsoft NPS as well.

--
If you have urgent issues, please contact your Aruba partner or Aruba TAC (click for contact details).
Highlighted
Contributor II

Re: Machine authentification without Clearpass

Thank you.

 

I searched throughly in Instant's User Guide but didn't find anything on how to setup machine authentication.

 

Where could this information/procedure be found?

Highlighted
MVP Guru

Re: Machine authentification without Clearpass

Ah, that is something you configure on the client and on the RADIUS server.

 

On the client, it is in the 802.1X authentication:

Screen Shot 2020-03-02 at 15.10.59.png

There under Advanced settings if you select Computer Authentication, the client will use the computer account to authenticate.

 

The RADIUS server should accept computer authentication (I think NPS doesn't by default), and if you only want computer authentication it should reject users during authentication.

 

There is nothing to configure on the AP.

--
If you have urgent issues, please contact your Aruba partner or Aruba TAC (click for contact details).
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: