Wireless Access

Occasional Contributor I

Forescout - Integration to Aruba Controller

Hi Everyone,


We have a deployment of Aruba Controller which we need to integrate to Forescout.

Basically what we want to achieve with this integration is that we will just be having a single SSID for our wireless users. When a user connects to the wireless, forescout will determine if the user is member of our active directory, it will assign its specific vlan id depending on which organizational unit it belongs. If the user is not a member of our active directory, or a local user. It will be assigned a “202” vlan, this vlan doesn’t have access to our internal network and internet. This is our current setup with our lan users using policy on forescout and we also want to implement this on our wireless users.


What are the configurations I need on the Aruba side?







Re: Forescout - Integration to Aruba Controller

Does Forescout have documentation? This wouldn't be something in Aruba
documentation. Forescout does weird stuff with SNMP instead of standard
authentication via RADIUS.

| Tim Cappalli | Aruba Security | @timcappalli | timcappalli.me |

NOTE: Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba or Hewlett Packard Enterprise.
New Contributor

Re: Forescout - Integration to Aruba Controller

ForeScout uses one of two ways: CoA deauth request to change VLAN using the 802.1x module or do it through a wireless block via SNMP using the Wireless module.

Search Airheads
Showing results for 
Search instead for 
Did you mean: