Security

Upcoming community maintenance Oct. 27th through Oct. 29th
For more info click here
Reply
Highlighted
All-Decade MVP 2020

SSO Guest on Wired ArubaOS Switch

Hi Everyone,

 

I've setup a wireless SSID with OneLogin guest integrations for user authentication using SSO/SAML. Working great.

 

Now the customer wants to replicate the same thing on wired. However the issue I'm hitting is that the wired authentication on an ArubaOS switch uses the Login Method of server-initiated and wants a COA.

 

So i setup a MAB service to send the user to a captive portal, which has the Pre-Auth check set to SSO. The user logs into the OneLogin service, but when they get redirected back to ClearPass i see a failed authentication the WebAuth service, and the user is prompted with a captive portal for username/password.

 

The difference i see is with the Aruba WiFi i have a RADIUS submission form the AP, which then hits a service with auth method set to SSO. When I have an ArubaOS Switch, it comes in as a web auth, and i can't find a way to enabled SSO on the WebAuth. I also can't find a way to cache the auth to the endpoint in the SSO service.

 

Has anyone done this?

 

Thanks!

-------------------
ACDX, ACCP, CISSP, CWNA
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: