Security

Hi Forum,

 

Can I have it configured where when a user provide EAP-PEAP credentials on thier smart device I redirecte them to the onboard page but not ask them to web authenticate again on the portal?

When using an Aruba controller, yes, you can use Aruba ASO.

In most cases, dual SSID onboarding is recommended for security reasons.

I can probably google "what is aruba ASO"

but can you elaborate?!

http://community.arubanetworks.com/t5/Security/Video-demo-of-new-ClearPass-Auto-Sign-On/td-p/150106

Thanks Tim, I was asking about something native without the need to idp. Cisco ISE does it by default when you onboard clients and I was curious to see if ClearPass has it as well out of the box.

This is completely native in ClearPass and the controller. No external IdP is required.

I should go watch that video.

 

Thanks again.

The video covers ASO with third party apps. It can also be used internally with ClearPass SAML functions like Onboard. It's covered in the SAML TechNote.

Woow too many steps to get this simple task. I guess it is better than not having it at all. 

I figured ClearPass is always a step ahead of ISE and though it might be a check box.

Do dual SSID onboarding ;)