Log in to ask questions, share your expertise, or stay connected to content. Don’t have a login? Join now.
This document describes configuring AWMS and FreeRADIUS so that AWMS users are authenticated against a FreeRADIUS server. The process involes making 3 configuration changes on FreeRADIUS, and defining that FreeRADIUS server as an auth server for the AWMS.CONFIGURING FREERADIUS:I. For each user, add an Aruba-Admin-Role attribute:Syntax:<username> User-Password := "<password>"Aruba-Admin-Role = "<name of awms role>Examples:jane User-Password := "password123"Aruba-Admin-Role = "AMP Administration" john User-Password := "topsecret"Aruba-Admin-Role = "ResNet AP Monitoring" Framed-IP-Address = 192.168.1.1Framed-IP-Netmask = 255.255.255.0II. Define a shared secret (which also must be added on the AWMS):In /etc/raddb/clients.conf add a section allowing the AWMS (or a network) to be a RADIUS client:Syntax:client <ip address or network> {secret = <secret>shortname = <label>}Example:client 10.2.32.0/24 {secret = airwaveshortname = corp_dev_net}III. Copy dictionary.aruba from the AWMS's filesystem to the FreeRADIUS server:Location on AWMS: /opt/airwave/share/freeradius/dictionary.aruba Copy to this directory on FreeRADIUS: /usr/share/freeradius/dictionary.arubaCONFIGURING AWMS:On the AMP Setup -> Authentication page, enable RADIUS Auth, and provide the ip addresses, ports and secrets for your FreeRADIUS servers.
© Copyright 2024 Hewlett Packard Enterprise Development LPAll Rights Reserved.