WPA2 802.1x auth remote to controller

Hi All,

I've never done anything with 802.1x before, so please bear with me.

We have a new requirement for a customer who has existing 802.1x WPA2 in various sites over a WAN. The RADIUS server is central and the sites are remote (assume hundreds of miles apart). Their current setup uses Cisco routers with built-in wifi (857W) and I have access to those configs. What we would like to do is install a RAP2, connected to a NEW ADSL WAN service via E0; that service would connect the RAP2 to its Mobility Controller. Now, using E1, I would like to connect in to the original router/WAN service and provide them with a second SSID using 802.1x through their WAN connection, not ours.

So to summarise, there would be two Data Centers/Central locations: ours with the Aruba Controller and theirs with the RADIUS server. 2 WAN connections and 2 routers, the RAP2 being the "bridge" between the two using its two Ethernet ports. I have tested this setup with simple WPA-PSK for the second SSID and it works fine; I can associate and get an IP from the second router, using access/bridge mode for the SSID and E1. My question is, can I use 802.1x in a location that is unroutable to the Aruba Controller in this way?

Also, because the 802.1x would normally be done via the same connection that the AP has to the controller, if that is down it would be unable to do this. I cannot configure an "Always" SSID, as these are not available using 802.1x; however, I would still require the SSID to be up and able to do 802.1x if the link to the controller was severed!

Hope this makes some sense!