Controllerless Networks

Occasional Contributor II

LDAP Authentication and MAC Authentication?

One of our clients has an SSID that uses an external LDAP server for authentication. And they have asked if it is possible to enable MAC Authentication, before the 802.11x authentication happens. From what I have read in the User Guide this should be possible in certain scenarios.


Unfortunately I haven't been able to make it work in our lab environment, which is set up like this:


- WLAN Authentication is WPA2-Enterprise PEAP-GTC

- The users authenticate against an Active Directory (LDAP)

- I have added the allowed MAC addresses to the Aruba Instant User Database.


I have been able to set up MAC Authentication an WPA2 Pre Shared Key, but not this scenario.


When setting up WPA2 PSK I'm able to select which authentication server I'll use for the MAC addresses (as shown in the screenshot 2), but not when using WPA2-Enterprise (on the other screenshot 1)


We are running an IAP 135 cluster with version


Is it possible to use both LDAP Authentication to an external server and Mac Authentication (Internal Aruba Instant User DB) on the same SSID at the same time? Is there another way to do this?

Occasional Contributor II

Re: LDAP Authentication and MAC Authentication?

I'm running ArubaOS on a 7005-Controller based solution with AP214's. I want to use LDAP to authenticate MAC addresses and users. Preferably, to add the MAC address in some additional field in LDAP vs. separate MAC address accounts, but right now, getting this to work with separate MAC address accounts is doable. 


It does appare the MAC address is successfully authenticated via LDAP, but the LDAP service is unable to assign derivation (?). The user doesn't seem to be authenticated after the MAC address succeeds. AT least nothing shows in the logs to indicate that it does. 

Guru Elite

Re: LDAP Authentication and MAC Authentication?

What are you using for a RADIUS server?

Sent from Nine

| Tim Cappalli | Aruba Security | @timcappalli | |

NOTE: Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba or Hewlett Packard Enterprise.
Search Airheads
Showing results for 
Search instead for 
Did you mean: