Wireless Access

Occasional Contributor I

Integration of 2-Factor Authentication to work with AMP

I am working on integrating a 2-factor authentication solution to work with AMP. In our setup AMP is configured to send authentication requests (user login) to a RADIUS server which then proxies to 2-factor server. On the AMP login page a user enters their username and for the password they enter a randomly generated password and pin from a token. The process of proxying to the external server seems to be working as the external 2-factor server and local RADIUS server all indicate a "access granted" but AMP indicates "login failure."  Anyone ever run into this issue before or have any ideas how to resolve this issue.


Guru Elite

Re: Integration of 2-Factor Authentication to work with AMP

If you are doing this over radius, you must also return the aruba-admin-role attribute, otherwise it will fail.  See the document here:  http://na2.salesforce.com/servlet/servlet.FileDownloadPkb?file=00P40000007WQi6&orgId=00D3000000008G4&pPid=50140000000apnL on how to setup the vendor specific attribute required for Airwave Authentication.


*Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.*
ArubaOS 8.3 User Guide
InstantOS 8.3 User Guide
Airheads Knowledgebase
Airheads Learning Videos
Occasional Contributor I

Re: Integration of 2-Factor Authentication to work with AMP

Thanks, that is what the problem was. I had the local RADIUS server set to return the aruba-admin-role attribute but the externel RADIUS server that was proxied for the actual authentication was not.

Search Airheads
Showing results for 
Search instead for 
Did you mean: