Wireless Access

last person joined: 4 hours ago 

Access network design for branch, remote, outdoor, and campus locations with HPE Aruba Networking access points and mobility controllers.
Back to discussions
Expand all | Collapse all

RSA SecurID with Aruba

This thread has been viewed 4 times

  • 1.  RSA SecurID with Aruba

    Posted Mar 15, 2013 06:09 AM

    First of all I want to say hi to everyone because it my first post.

    I have question about deploying RSA SecurID as authentication solution in Aruba Instance environment. 

    I know that is deployment guide abut integration with RSA RADIUS but afaik RSA RADIUS SERVER does not support EAP-MSCHAPv2. How you guys solve it in your networks? You Use different RADIUS and native integration with RSA agent? Use different authentication protocol than EAP-MSCHAPv2? 

    Please help and share your experience because i'm looking equivalent solution to integration RSA with Cisco ACS.



  • 2.  RE: RSA SecurID with Aruba

    Posted Mar 17, 2013 11:02 PM

    Kenny,

     

    RSA uses a version of Funk/Juniper SBR for radius so MSCHAPv2 should be possible.  I believe that when Aruba is doing EAP-Termination with EAP-GTC as the inner-type that we use PAP to query the RSA RADIUS server.  This PDF is old but discusses the RSA Radius server.  The Aruba controller will cache the token that the client sends so that roaming access points doesn't cause a request for another token for the configured time period (the token cache period).  These settings are under the advanced tab of your 802.1x profile. 

     

    Hope this Helps,

    Dennis



  • 3.  RE: RSA SecurID with Aruba

    Posted Oct 24, 2013 06:42 AM

    If somebody was looking is it possible to use MSCHAPv2 with RSA Token it doesn't. It is only working with PEAP-GTC or PAP.

    And Aruba solution only integrate with RSA using RADIUS not native client.

     

    Best regards,

     

    K