Controllerless Networks

Reply
Regular Contributor I

Re: WPA2- Personal vs Enterprise

Check out this post:

 

http://community.arubanetworks.com/t5/AAA-NAC-Guest-Access-BYOD/EAP-TLS-configuration/td-p/37358

 

There is some information there about what you need to do. From the Aruba side there should be minimal changes, it would be the back end auth server which needs to process the EAP request.

 

As for configuring a PKI, with AD its pretty simple. If you are moving away from AD, you would need to find another CA. There are paid options like Entrust or Clearpass, or free options like http://www.ejbca.org/ (i've not tested this, just some googling found it). If you are not familiar with Public Key Infrastructure(PKI) this might be a large undertaking, and you might need to involve a partner or contractor.

 

Certificate auth is, in my opinion, the best and most secure way to authenticate, but it also is somewhat more complicated(you also need to find a way to put certificates on all the devices).

 

Username/Password on something like FreeRadius might be the best option if you don't have budget for a more enterprise solution.

 

-------------------
ACDX, ACCP, CISSP, CWNA
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: