Is something not working as expected? In most situations, the Controller merely passes on the RADIUS request to the Auth Server, ISE in your case. As long as the ISE is defined as a RADIUS Server on the Aruba Controller, the IPs and shared secret match then you should be good to do. If the ISE merely sends back a RADIUS Accept then the 802.1X Authentication Default Role will be assigned to the client.
Have you reviewed this guide?
Original Message:
Sent: May 15, 2023 02:17 PM
From: reilj
Subject: Aruba Controller client EAP TLS authentication configuration using Cisco ISE
I am looking for some documentation on Aruba EAP TLS configuation using Cisco ISE. I have been setting up my controller clusters to authenticate but am looking for some pointers , documentation , or any thing to look out for. I have sent them my controller ip's and dns names, would I also have to include the client ssid subnet for this authentication.
The ssid I have configured for EAP TLS auth has the initial role as blank and the 802.1X Authentication Default Role: AtriumHealthTeam_Authenticated_role with just allowing all traffic right now.
The client is the supplicant, the controller is the authenticator and the ISE is the server.
Any pointers would be appreciated. Thanks