Controllerless Networks


Instant Mode - the controllerless Wi-Fi solution that's easy to set up, is loaded with security and smarts, and won't break your budget

Multiple VLAN tag but separate management and client IP mapping

  • 1.  Multiple VLAN tag but separate management and client IP mapping

    Posted Nov 10, 2015 06:50 AM

    Hi All,

    Need your help to know if we can achieve the below scenario through IAP.

    We are planning to deploy a mesh and the scenario will be as below:

    Client (wired) ------> Outdoor (3rd party AP) --------> Aruba IAP ---------> AAA server

    We have to configure 2 SSIDs, one with standard hotspot-based authentication and the 2nd with EAP-TTLS-based authentication. Since EAP-TTLS is not supported on IAP, we can do EAP termination on the AAA server.

     

    There will be multiple DHCP IP pools which will be used for this setup:

    • IP pool of public IPs for the hotspot users connecting through SSID_1
    • IP pool of private IPs for allocation to the 3rd party APs (this is for 3rd party AP management) connected through EAP-TTLS.
    • IP pool for Aruba IAP management

    How should we configure the IAP to get a DHCP management IP from the management pool?

    Since we will connect to the 3rd party AP through a 2.4 GHz mesh, how can we pass the public IP VLAN through the same? Is this achievable on IAP?

     

    Regards,

    Mayur.

     



  • 2.  RE: Multiple VLAN tag but separate management and client IP mapping

    Posted Nov 11, 2015 04:29 PM

    Hmmm, 

    About the TTLS support on IAP - it is from the manual: 

    EAP-TTLS (MSCHAPv2)— The Extensible Authentication Protocol-Tunneled Transport Layer Security (EAP-TTLS) method uses server-side certificates to set up authentication between clients and servers. However, the actual authentication is performed using passwords.

     

    Regarding multiple pools, if I understood correctly - could you assign them to different VLANs? You can then map IAP management to the native or to a tagged VLAN (in AP config), as well as the users, who could be mapped statically or dynamically per RADIUS response or by configuration of the mapping parameters in the SSID/VLAN configuration.

    Regards, 

    Marek
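
One standard way for a RADIUS server to signal a per-user VLAN, as in the "dynamically per RADIUS response" mapping mentioned in the reply above, is the RFC 3580 tunnel attribute triplet. The following Python is an added example, not part of the original posts and not Aruba code: it decodes that triplet from the attribute bytes of an Access-Accept and falls back to the SSID's static VLAN. The function names, the VLAN numbers and the rule that refuses to place a client on the management VLAN are assumptions made for illustration.

```python
# Attribute numbers from RFC 2868; the VLAN / 802 values are those RFC 3580 requires.
TUNNEL_TYPE, TUNNEL_MEDIUM_TYPE, TUNNEL_PRIVATE_GROUP_ID = 64, 65, 81
VLAN, IEEE_802 = 13, 6

def parse_attributes(data: bytes):
    """Yield (type, value) pairs from the attribute section of a RADIUS packet."""
    i = 0
    while i < len(data):
        if i + 2 > len(data):
            raise ValueError("truncated attribute header")
        atype, alen = data[i], data[i + 1]
        if alen < 2 or i + alen > len(data):
            raise ValueError("bad attribute length")
        yield atype, data[i + 2:i + alen]
        i += alen

def resolve_vlan(attrs: bytes, static_vlan: int, mgmt_vlan: int) -> int:
    """Return the dynamic VLAN if the response carries a complete, valid
    tunnel triplet; otherwise return the SSID's static VLAN."""
    tunnel_type = medium = group = None
    for atype, value in parse_attributes(attrs):
        if atype in (TUNNEL_TYPE, TUNNEL_MEDIUM_TYPE) and len(value) == 4:
            number = int.from_bytes(value[1:], "big")  # 1 tag byte + 3-byte integer
            if atype == TUNNEL_TYPE:
                tunnel_type = number
            else:
                medium = number
        elif atype == TUNNEL_PRIVATE_GROUP_ID and value:
            # A first byte <= 0x1F is treated as a tag, anything else as string data.
            text = value[1:] if value[0] <= 0x1F else value
            group = text.decode("ascii", "replace")
    if tunnel_type != VLAN or medium != IEEE_802 or group is None:
        return static_vlan
    if not group.isdigit() or not 1 <= int(group) <= 4094:
        raise ValueError(f"invalid VLAN ID {group!r}")
    if int(group) == mgmt_vlan:  # assumed policy: clients never land on management
        raise ValueError("response would place a client on the management VLAN")
    return int(group)

# Constructed sample: Tunnel-Type=VLAN, Tunnel-Medium-Type=802, group ID "30".
SAMPLE = bytes([64, 6, 0, 0, 0, 13, 65, 6, 0, 0, 0, 6, 81, 4]) + b"30"

if __name__ == "__main__":
    print(resolve_vlan(SAMPLE, static_vlan=20, mgmt_vlan=10))
```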