Azure Site to Site VPN with an Aruba Gateway

Aruba Gateway Site to Site VPN - Tunnel Status

Reading Time: 4 minutes As described in earlier posts I run EVE-NG in Azure. For several reasons, I need a direct connection to EVE-NG and the nodes within EVE-NG. I could use an Aruba Gateway in Azure but this would consume too much of my tight budget, so I decided to use an Azure Site to Site VPN with … Read more

Unmanaged SD-Branch Virtual Gateway in EVE-NG

Virtual Gateway - Download Device Identity

Reading Time: 3 minutes For some testing, I need some Aruba SD-Branch gateways. Instead of using hardware gateways, which I do not have, I use a virtual gateway. You could run them in ESXi as well, but why not use EVE-NG for this. For instructions on how to install EVE-NG use the following link: EVE-NG in Azure For other … Read more

Wired Guest Access with Aruba Wireless Gear

Create new Network - Security

Reading Time: 6 minutes This is maybe an uncommon scenario but I was asked to write something about this topic. Let’s assume you have Aruba Wireless Gear but your switching stuff is not from Aruba. In this post, I will show how to configure Aruba Controllers or Aruba IAPs to provide Guest Access to wired users as well. I … Read more

Aruba Downloadable User Roles

Downloadable User Role Flow Chart

Reading Time: 16 minutes This post is all about Aruba Downloadable User Roles and how to use them for wired and wireless access with dot1x and mac authentication. If you use Downloadable User Roles, you get a central point of configuration for all access-related configurations. ClearPass, which is used as the radius server, will have all the roles available. … Read more

Aruba VIA VPN with IKEv2

Aruba VIA VPN - Successful VPN Connection

Reading Time: 12 minutes This post is to show how Aruba VIA VPN with IKEv2 works. With IKEv2 we switch to a certificate-based authentication which makes it easier for users and more secure for the whole organization. In an older post here I did a basic setup with IKEv1 and username password. This new post will leverage IKEv2 and … Read more

Aruba AP Authentication

Campus AP Authentication - Provision AP for EAP-TLS

Reading Time: 19 minutes Most organizations are moving to a network where all ports are authenticated. This could lead to problems when we try to connect an AP to a network port as AP authentication is more than just an accept. There are two types of AP that might be considered. First, the Campus AP, which needs to connect … Read more

ClearPass Sponsored Guest Login

ClearPass Sponsored Guest Login - Guest Caching Wizard

Reading Time: 10 minutes This post describes how to set up a self-registration guest login page with sponsor approval. I use this ClearPass sponsored guest login at home for all my guests. Actually, my wife had the idea to use this kind of setup. The solution will be very easy but you will get a good overview of how … Read more

ClearPass with Gmail SMTP Server

ClearPass with Gmail - Add Context Server

Reading Time: 3 minutes Most of you will use some kind of mail server to allow ClearPass sending mails. So even if you do not use ClearPass with Gmail, this might be interesting, even if the ClearPass part is the simple part of this post. If you use a Gmail account for sending emails from your ClearPass this might … Read more

Port Forwarding with SD-Branch

Port Forwarding with SD-Branch - Add Policy to the WAN Port

Reading Time: 6 minutes After some time of absence, I’m back now, with a new lab in a new home. So I can build new cool stuff to test different and new setups. One part of the new LAB is SD-Branch and as I use my Synology Diskstation to backup this blog I need to create a rule to … Read more

LACP For AP’s With Two Ethernet Ports

LACP for AP's - Set GRE Striping IP

Reading Time: 9 minutes I was asked on how to configure LACP for AP’s connected to a controller and I was not able to answer this question out of my mind so I decided to figure it out for myself. And as always, when I need to test something, I write a post about it. This is my post … Read more

%d bloggers like this: