Wireless Access

last person joined: 22 hours ago 

Access network design for branch, remote, outdoor, and campus locations with HPE Aruba Networking access points and mobility controllers.
Back to discussions
Expand all | Collapse all

VIA access with certificates

This thread has been viewed 6 times

  • 1.  VIA access with certificates

    Posted Apr 27, 2017 09:52 AM

    Hi forum,

     

    I'm currently trying to get VIA remote access working with the authentication process requiring a valid client/user certificate on the devices. There is already a VIA Authentication Profile which, in its Server Group, queries our RADIUS-Servers. The RADIUS itself is configured to check for valid certificates. For the VIA client to work, I have added the VIA Auth. Profile to the VIA Web Authentication. 

    Unfortunately, this  is not working and I feel that I'm lacking basic understanding of the underlying machanisms.

    As far as I understand, the VIA Auth Profile is used to control who is allowed to download the connection profile from the controller. The VIA client software, however, asks for a username and password while the RADIUS expects a certificate. This way, authentication always fails and the initial connection cannot be made.

    I don't think it is supposed to be this way. - What am I missing?

     

    Kind regards!

     



  • 2.  RE: VIA access with certificates

    EMPLOYEE
    Posted Apr 27, 2017 11:26 AM

    The EAP method is controlled in the connection profile. Each connection profile can be tied to a "pre-auth" type role.



  • 3.  RE: VIA access with certificates

    Posted Apr 29, 2017 01:08 PM

    This might help you in understanding how VIA works.

     

    https://community.arubanetworks.com/aruba/attachments/aruba/Aruba-VRDs/49/1/VIAAppNote.pdf