Security

Reply
Highlighted
Contributor II

Authentication Server Ordering in Mobility Master 8.4

I am working to point our Mobility Master and the controllers (through the MM) to a VIP versus individual clearpass servers for authentication.  Is there not a way to order the authentication servers so that I don't have to remove them all and re-add them back in to get my VIP to be primary authentication for Radius and Tacacs?  


Accepted Solutions
Highlighted
Guru Elite

Re: Authentication Server Ordering in Mobility Master 8.4

Okay.  If the VIP is on an F5 (and not CPPM) just remove all of the servers and then add the F5 ip address.  That should be it...  Is there something keeping you from doing that?  Existing clients should still authenticate to the specific radius server that they authenticated to before.  If you are skeptical, just do it in two steps, after hours.


*Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.*
ArubaOS 8.5 User Guide
InstantOS 8.5 User Guide
Airheads Knowledgebase
Airheads Video Knowledge Base
Remote Access Point Solution Guide
ArubaOS Consolidated Release Notes
ArubaOS 8 ViA VPN Solution Guide

View solution in original post


All Replies
Highlighted
Guru Elite

Re: Authentication Server Ordering in Mobility Master 8.4

- How many servers do you have?

 


*Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.*
ArubaOS 8.5 User Guide
InstantOS 8.5 User Guide
Airheads Knowledgebase
Airheads Video Knowledge Base
Remote Access Point Solution Guide
ArubaOS Consolidated Release Notes
ArubaOS 8 ViA VPN Solution Guide
Highlighted
Contributor II

Re: Authentication Server Ordering in Mobility Master 8.4

We have 3 cppm servers and would like to point to the VIP (hosted on an F5) for load balancing.
Highlighted
Guru Elite

Re: Authentication Server Ordering in Mobility Master 8.4

Okay.  If the VIP is on an F5 (and not CPPM) just remove all of the servers and then add the F5 ip address.  That should be it...  Is there something keeping you from doing that?  Existing clients should still authenticate to the specific radius server that they authenticated to before.  If you are skeptical, just do it in two steps, after hours.


*Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.*
ArubaOS 8.5 User Guide
InstantOS 8.5 User Guide
Airheads Knowledgebase
Airheads Video Knowledge Base
Remote Access Point Solution Guide
ArubaOS Consolidated Release Notes
ArubaOS 8 ViA VPN Solution Guide

View solution in original post

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: