Security

last person joined: yesterday 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

RADIUS, AAA and VPN connected to AD

This thread has been viewed 3 times

  • 1.  RADIUS, AAA and VPN connected to AD

    Posted Oct 11, 2017 10:51 AM

    Hey,

     

    so I'm completely new to Aruba and haven't really worked with it. 

    We are using Aruba as our Wifi network, so we have a 7010 controller and some 305 and 315 AP's which are working fine. 

    We have a OpenVPN with tinyca, which we are growing too big for and we would like to have a RADIUS/AAA for authentication to our Wifi. 

     

    I read a bit about the solution from Aruba, there is the Clearpass as RADIUS and VIA as VPN Client. 

    Now my Questions: 

    1. Can the Authentication to the Wifi network be done by AD account? 

    2. How are the Certificated for VIA created for the user?(I just read that certifications are possible, but I couldn't find how it is done)

    3. Can the User use the AD account to create the Cert / access the VPN?

    4. Do we need the Licence for every Aruba Controller, or just for the ones providing the VPN access? 

     

    thanks in advance :) 

     



  • 2.  RE: RADIUS, AAA and VPN connected to AD

    EMPLOYEE
    Posted Oct 11, 2017 10:58 AM
    It's best to have a design discussion with your Aruba partner.


  • 3.  RE: RADIUS, AAA and VPN connected to AD
    Best Answer

    Posted Oct 11, 2017 02:27 PM

    Tim's right, but here are my general answers. You use case will be different which is where your partner will be able to help you.

     

    1. Yes.

    2 and 3. We use AD group policy to create and push certificates to managed devices, and the VPN client uses those certificates to access the VPN.

    4. I don't know how licensing works for VPN (sorry)