Security

Reply
Highlighted
Occasional Contributor II

certificate in controller Vs RADIUS configuration

Hi,

 

We use WPA2 with AES and authentication is PEAP, microsot NPS as RADIUS and certificate is installed in RADIUS, connection terminates in RADIUS server. Could somone explain the difference in having connection terminates in controller vs a configuration where connection terminatesin RADIUS server, which is better and easy.

 

 

Thanks

 


Accepted Solutions
Highlighted
All-Decade MVP 2020

Re: certificate in controller Vs RADIUS configuration

Termination can allow the controller to handle the EAP portion of the authentication for situations where a standard compliant radius server isn't available. I believe you can use this in a situation where perhaps you wanted to do LDAP based auth and still need something to handle EAP. As it's already been said, there is really no advantage when you have NPS already running.
ACDX #419 | ACMP |

View solution in original post

Highlighted
Moderator

Re: certificate in controller Vs RADIUS configuration

Many times EAP termination requires you to install a supplicant on the client. Most environments use a RADIUS server like NPS/IAS or ClearPass


If this response is more than 1 year old, it may no longer be accurate. Please consult official Aruba documentation, TAC or your Aruba SE.

| Aruba Alumni | @timcappalli | timcappalli.me |

View solution in original post


All Replies
Highlighted
Moderator

Re: certificate in controller Vs RADIUS configuration

You should use NPS. Termination is easier in smaller deployments but offers less flexibility.


If this response is more than 1 year old, it may no longer be accurate. Please consult official Aruba documentation, TAC or your Aruba SE.

| Aruba Alumni | @timcappalli | timcappalli.me |

Highlighted
Occasional Contributor II

Re: certificate in controller Vs RADIUS configuration

Thank you, could you explain more about flexibility, advantage in controller termination.

 

 

Highlighted
All-Decade MVP 2020

Re: certificate in controller Vs RADIUS configuration

Termination can allow the controller to handle the EAP portion of the authentication for situations where a standard compliant radius server isn't available. I believe you can use this in a situation where perhaps you wanted to do LDAP based auth and still need something to handle EAP. As it's already been said, there is really no advantage when you have NPS already running.
ACDX #419 | ACMP |

View solution in original post

Highlighted
Moderator

Re: certificate in controller Vs RADIUS configuration

Many times EAP termination requires you to install a supplicant on the client. Most environments use a RADIUS server like NPS/IAS or ClearPass


If this response is more than 1 year old, it may no longer be accurate. Please consult official Aruba documentation, TAC or your Aruba SE.

| Aruba Alumni | @timcappalli | timcappalli.me |

View solution in original post

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: