07-18-2018 08:08 AM
We are implementing an Aruba deployment to one of our clients.
The client has Cisco WLAN controllers with SSIDs using WPA2 with MAC filtering. On those controllers they added the Active Directory as a RADIUS server to validate that the MAC address exists on a specific list of MAC.
So they are asking us to configure that on our Aruba Controllers. I have added the AD server as Radius server under Authentication tab and I have enabled MAC authentication on the WLAN wizard. I know that MAC filtering isn't secure and will not scale well but that is what our customer wants.
So I want to know if we can implement that.
Thank you in advance.
Daniel Méndez Vargas
Solved! Go to Solution.
Re: MAC filtering based on Active Directory list
07-18-2018 08:11 AM
07-18-2018 04:52 PM
The AAA profile on the Aruba Controller has a mac authentication profile. You need to make sure that the case and delimeter in that profile match what is in AD. Also, the controller expects the username and password to be the mac address when pointed to that radius server. Lastly, the radius server will need to have PAP enabled to successfully authenticate mac addresses.
I would so anything to steer the customer to something like 802.1x instead of going through this exercise.
*Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.*
ArubaOS 8.5 User Guide
InstantOS 8.5 User Guide
Airheads Learning Videos
Aruba Central Documentation
Sign up for Security Alerts
Aruba Technical Webinars