Security

I have integrated my guest SSID on my controller with ClearPass Guest authentication and that appears to be working.  I want to add mac caching and mac authentication for guest users, so that they don't have to reauthenticate every time their device wakes up, or they reconnect to the guest WLAN.  I'd like to give them an 8 hour window where they can reauthenticate using their cahed mac address, rather than using a username and password.  I wasn't quite sure how to accomplish what I want to do, so I disabled my working guest access service and used the service template, Guest MAC Authentication, to create a new service.  This appears to create two new services:Guest MAC Authentication, and Guest Access with MAC Caching.  I am not certain what each of these new services does, or how to modify them to accomplish my task.

 

Any assistance, or configuration documentation would be greatly appreciated.

Not sure if you check this document. Please refer to page 44.

http://community.arubanetworks.com/aruba/attachments/aruba/tkb@tkb/220/2/Aruba%20Wireless%20and%20ClearPass%206%20Integration%20Guide%20v1.3.pdf

Aruba controller? First you add mac auth profile (dash separator is fine) and mac auth server (clearpass) in your guest- AAA profile.
Second adjust the ssid name in the two new services the wizard created.
-》Done! There is some more tweaking you can do, but at this stage it will work.

Thank you, John.  It took some fiddling, but I was able to get this working.  I will have to tinker a bit more when I have some time, but for now MAC Auth appears to be functioning.