Controllerless Networks

Hello Aruba community,

I use some Aruba APs for my home wifi because they are really good. So, I am a greenhorn on the subject of wifi. The APs are attached to Cisco switches via a VLAN. The central component is a small CheckPoint firewall. The firewall act as a DHCP server and default GW. At the moment I only have some SSIDs for different iPhones and iPADs with WPA2-Enterprise everything works fine. New is now a MacBook Air, which should be in the basement. But the MacBook only has a WLAN interface. The connection works fine, BUT only when I'm logged in MAC OS X. I now want the notebook to connect to the WLAN BEFORE without login manually into the system. 802.1X is supposed to be required, see here:

https:/ntsystems.itpostjoining-wifi-before-login-on-mac-os-x-108

I can do the MAC part. But I have no idea how to set up the 802.1X on the APs. Above all, I don't want to build a PKI or run a Windows server. I could install a freeradius on a NAS (Synology). Therefore the following questions:

1. Can I do 802.1X WITHOUT certificates with the Instant APs at all, only with password-based authentication?

2. If yes, is there a good guide somewhere where this is explained for such a beginner llike me?

3. If no, is there another easy way to solve my problem?

Hopefully someone can help, I'm grateful for any hint!

ciao

ryder

Hi, as for your questions:

1. Yes, you can do PEAP with user database on the IAPs. This is really easy to set up and you don't need any hardware besides the Instants. Just be aware of the fact that this setup is extremely insecure if you are not  using a certificate to verify that you are indeed connecting to your network - anybody can setup the same WLAN and listen for your credentials.

2. Just turn it on and add some users to the internal DB. No guide needed.

3. There is no easy way - if you want a secure network you need certificates.