Why do we need VPN authentication profiles on the controller?

Aruba Employee
Aruba Employee

Environment : This article applies to all controller models and all OS versions.


When the VPN clients (RAPs, VIA, and third-party VPN clients) submit authentication credentials, the VPN server on the controller has to validate them against an authentication server and assign a user role to the authenticated clients. The VPN authentication profiles in the ArubaOS define the user role assigned for authenticated VPN clients, an authentication server, and the server group to which the authentication server belongs. The three predefined VPN authentication profiles are: 

default: for VIA and third-party VPN clients 
default-cap: for campus APs (CAPs) 
default-rap: for RAPs 

These three profiles allow the use of different authentication servers, user roles, and IP pools for VIA clients, CAPs, and RAPs. 

NOTE: Additional VPN profiles cannot be added. The default and default-rap profiles are configurable, but the default-cap profile cannot be edited.

Version history
Revision #:
1 of 1
Last update:
‎06-29-2014 10:21 AM
Updated by:
Search Airheads
Showing results for 
Search instead for 
Did you mean: