Wireless Access

last person joined: 21 hours ago 

Access network design for branch, remote, outdoor, and campus locations with HPE Aruba Networking access points and mobility controllers.
Back to discussions
Expand all | Collapse all

Forescout - Integration to Aruba Controller

This thread has been viewed 19 times

  • 1.  Forescout - Integration to Aruba Controller

    Posted Apr 04, 2016 03:18 AM

    Hi Everyone,

     

    We have a deployment of Aruba Controller which we need to integrate to Forescout.

    Basically what we want to achieve with this integration is that we will just be having a single SSID for our wireless users. When a user connects to the wireless, forescout will determine if the user is member of our active directory, it will assign its specific vlan id depending on which organizational unit it belongs. If the user is not a member of our active directory, or a local user. It will be assigned a “202” vlan, this vlan doesn’t have access to our internal network and internet. This is our current setup with our lan users using policy on forescout and we also want to implement this on our wireless users.

     

    What are the configurations I need on the Aruba side?

     

    Thanks,

    MBS

     

     



  • 2.  RE: Forescout - Integration to Aruba Controller

    EMPLOYEE
    Posted Apr 05, 2016 09:29 AM
    Does Forescout have documentation? This wouldn't be something in Aruba
    documentation. Forescout does weird stuff with SNMP instead of standard
    authentication via RADIUS.


  • 3.  RE: Forescout - Integration to Aruba Controller

    Posted Aug 25, 2016 07:04 PM

    ForeScout uses one of two ways: CoA deauth request to change VLAN using the 802.1x module or do it through a wireless block via SNMP using the Wireless module.