Wireless Access

Aruba 7010 (software 6.5)

Open SSID

hi we are trying to configure MAC based authentication and Radius Authentication (with Domain controller) for using active directory username and password. once successfully passed these MAC & AD user authentication only able to get the network /internet access.

Our Query.

1. How can we configure MAC authentication (do we need to add MAC address manually to contoller or is it possible to check from Active directory).

2. once complete the MAC authenticaation user browser automatically redirect to captive portal, there user need to put active directory username and password for network /internet access.

Are you using NPS? If so, I believe the functionality required will be limited. This can be easily accomplished using ClearPass.

Otherwise, you will need to have some backend system with the MAC and/or do some other type of authorization. The flow is definitely possible but will be limited by the backend auth system being used.

1. you can utilize internal database or use NPS for this (or both :D)

2. You can try these:

- Create MAC based auth wifi, "initial role" and "802.1x role" set to denyall

- mac role set to "logon" (or new profile.. )

- edit logon profile, set to use captive portal (L3) profile.

- on L3, enable user login (username / password), set user role to "allow-internet-role", set  authentication server to NPS

-Yopianus Linga-