Security

Reply
Highlighted
Contributor II

What is the different between Terminated on Controller and Not Terminated on Controller?

Hi guys,

 

I saw the option on Cotroller 's GUI, but I still don't understand the point of terminated on controller.

 

Could some one explain about it, please?


Accepted Solutions
Highlighted
Moderator

Re: What is the different between Terminated on Controller and Not Terminated on Controller?

http://community.arubanetworks.com/t5/Unified-Wired-Wireless-Access/Authentication-with-EAP-PEAP-on-Windows-10/m-p/252679

 



If this response is more than 1 year old, it may no longer be accurate. Please consult official Aruba documentation, TAC or your Aruba SE.

| Aruba Alumni | @timcappalli | timcappalli.me |

View solution in original post


All Replies
Highlighted
Moderator

Re: What is the different between Terminated on Controller and Not Terminated on Controller?

http://community.arubanetworks.com/t5/Unified-Wired-Wireless-Access/Authentication-with-EAP-PEAP-on-Windows-10/m-p/252679

 



If this response is more than 1 year old, it may no longer be accurate. Please consult official Aruba documentation, TAC or your Aruba SE.

| Aruba Alumni | @timcappalli | timcappalli.me |

View solution in original post

Highlighted
Contributor II

Re: What is the different between Terminated on Controller and Not Terminated on Controller?

Thanks a lot, so the whole point of terminated on controller is that the role of the controller is played.

If we enable the termination on controller, then the controller would act like a authenticator,

If we disenable the termination on controller, then the controller just simply sends the packets to the Radius Server,  the Radius Server would act like a authenticator and a authentication server at the same time.

 

Is that right?

Highlighted
Moderator

Re: What is the different between Terminated on Controller and Not Terminated on Controller?

The controller is still the authenticator.

Termination:
Controller >> [LDAP/S] >> AD/LDAP
TLS tunnel: Client >> Controller

Not terminated:
Controller >> [RADIUS] >> RADIUS server > AD/LDAP
TLS tunnel: Client >> RADIUS server


You should definitely terminate on a RADIUS server.



If this response is more than 1 year old, it may no longer be accurate. Please consult official Aruba documentation, TAC or your Aruba SE.

| Aruba Alumni | @timcappalli | timcappalli.me |

Highlighted
Contributor II

Re: What is the different between Terminated on Controller and Not Terminated on Controller?

Thanks again, it looks like I have to learn about the TLS first.

Highlighted
Moderator

Re: What is the different between Terminated on Controller and Not Terminated on Controller?

When using a tunneled EAP protocol like EAP-PEAP or EAP-TTLS, a secure tunnel is built between the client and RADIUS server (or controller if using termination) to exchange network credentials.



If this response is more than 1 year old, it may no longer be accurate. Please consult official Aruba documentation, TAC or your Aruba SE.

| Aruba Alumni | @timcappalli | timcappalli.me |

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: