We have a campus setup with Airwave and IAP's. We our main headquarters and 5 remote sites with local virtual controllers. We have an issue with users and there Ipad's and Iphone's, when there 90 day password expires and they are authenticated to our Wifi it locks out there Novell account. We would like to combat this by setting up a pre-shared key with MAC authentication. But so far it looks like we would have to manually enter all 150 different MAC addresses on each virtual controller. Is there a way in Airwave to have one MAC database and it to automatically be pushed to all of the virtual controllers. Also it would need to be pushed whenever the database is updated as new devices are added. If this is not possible with IAP's can this be done with a Master Controller and Local controllers at each facility?
Take a look at AirWave 7.7.5.when released in the next couple of days. AirWave has a new UI that mimics the Instant WebUI. You can configure the IAP Internal DB here. This is done on a per-group basis and is documented in the IAP Deployment guide (DeployingInstantInAirwave.pdf).
So it would be possible to create a "Master Group" that would hold our internal MAC DB and then we could have that "master group" pushed to the rest of our groups?
This is correct. You should be able to use Airwave 7.7.5 for this per the comment above. However, a better solution would be MAC auth using a radius server and centralize it that way if you have one.
Seth-
That would create a giant maintenance issue with having to dig into a config file on the radius server that would have to be constantly altered. Plus MAC addresses aren't the nicest thing to enter in, we are just concerned that it will get a bad entry or something will eventually break.
Not if you had ClearPass....very easy to setup MAC address lists :)
However, with Airwave alone, you should be all set.
Ah yes Clearpass another 30k investment? Ha. The rest of the department here is just on the fence about Airwave and Instant, and are contemplating going back to all Controllers, which also would be quite expensive.
Basically the big issue is with the MAC address push. We were led down a bad path of setting up Airwave, and it really needs to be redone from scratch. It would be nice if it were possible to install a seperate instance of Airwave and redo everything and test with 2 of our smaller sites.
You can certianly install a 90 day eval of Airwave for this purpose.
© Copyright 2024 Hewlett Packard Enterprise Development LPAll Rights Reserved.