Security

last person joined: yesterday 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

Client Authentication from the MC 7200 internal Auth Server

This thread has been viewed 3 times

  • 1.  Client Authentication from the MC 7200 internal Auth Server

    Posted Apr 25, 2016 05:59 AM

    Hello,

     

    When using the internal Authentication Server in the Mobility Controller, can a Client change his Username/Password that are stored on the Controller? Or this has to be done through an Admin Account only?



  • 2.  RE: Client Authentication from the MC 7200 internal Auth Server

    EMPLOYEE
    Posted Apr 25, 2016 06:01 AM
    No, they cannot. You should use a RADIUS server.


  • 3.  RE: Client Authentication from the MC 7200 internal Auth Server

    Posted Apr 25, 2016 06:03 AM

    What if we used the internal Auth Server? It can support up to 8192 Accounts



  • 4.  RE: Client Authentication from the MC 7200 internal Auth Server

    EMPLOYEE
    Posted Apr 25, 2016 06:05 AM
    No. You should use a RADIUS server.


  • 5.  RE: Client Authentication from the MC 7200 internal Auth Server

    Posted Apr 25, 2016 06:10 AM
      |   view attached

    Any reason?!! This is supported in the MC 7200, and you can check the attached document.

     

    For the dimensioning, please refer to Appendix D, table 24

    Attachment(s)

    pdf
    Aruba Mobility Controllers- VRD.pdf   3.38 MB 1 version


  • 6.  RE: Client Authentication from the MC 7200 internal Auth Server

    EMPLOYEE
    Posted Apr 25, 2016 06:12 AM
    RADIUS servers are purpose built. The controller functionally was from a time when RADIUS servers were not easily accessible. The internal user database should be a last resort.


  • 7.  RE: Client Authentication from the MC 7200 internal Auth Server

    Posted Apr 25, 2016 06:15 AM

    Yes, this is a temp solution in our scenario, until we implement an external Radius Server.

     

    But my question is, can the Client change his Username/Password? If it was configured in the Controller?

     

    Thanks.



  • 8.  RE: Client Authentication from the MC 7200 internal Auth Server
    Best Answer

    EMPLOYEE
    Posted Apr 25, 2016 06:17 AM

    The client cannot change their username and password if that account is located in the internal database in a controller.



  • 9.  RE: Client Authentication from the MC 7200 internal Auth Server

    EMPLOYEE
    Posted Apr 25, 2016 06:17 AM
    No, they cannot.


  • 10.  RE: Client Authentication from the MC 7200 internal Auth Server

    Posted Apr 25, 2016 06:24 AM

    Thanks.