03-12-2015 02:30 AM
I would like to know if there is some workaround to support EAP chaining trough Aruba controller.
We tried to set up a controller with a Cisco ISE AAA server in the enviroment where the customer is using EAP chaining (EAP-Fast v2 from Cisco) for user and device authentication. Unfortunately even without EAP termination the authentication didn't worked. For the first time usually it was successfull but after that we were unable to reauthenticate the users agin. The same configuration on Cisco WLC and non Cisco LAN switches worked fine and we also could authenticate other devices where there was simple EAP-TLS authentication (for som barcode scanners) without EAP chaining. We've got some information from an Aruba guy that as EAP-Fastv2 is not a standard yet it is not supported on Aruba controllers. But on the other side it is strange for me that for the firs try it worked and it is working on non Cisco LAN switches. Also I am not expert of EAP chaining but I would expect that it should be transparent for the infrasturcture.
Do you have any experience with EAP chaining on Aruba controllers, or some ideas for a workaround?