Aruba VIA VPN with IKEv2

Aruba VIA VPN - Successful VPN Connection

Reading Time: 12 minutes This post is to show how Aruba VIA VPN with IKEv2 works. With IKEv2 we switch to a certificate-based authentication which makes it easier for users and more secure for the whole organization. In an older post here I did a basic setup with IKEv1 and username password. This new post will leverage IKEv2 and … Read more

Aruba AP Authentication

Campus AP Authentication - Provision AP for EAP-TLS

Reading Time: 19 minutes Most organizations are moving to a network where all ports are authenticated. This could lead to problems when we try to connect an AP to a network port as AP authentication is more than just an accept. There are two types of AP that might be considered. First, the Campus AP, which needs to connect … Read more

ClearPass Sponsored Guest Login

ClearPass Sponsored Guest Login - Guest Caching Wizard

Reading Time: 10 minutes This post describes how to set up a self-registration guest login page with sponsor approval. I use this ClearPass sponsored guest login at home for all my guests. Actually, my wife had the idea to use this kind of setup. The solution will be very easy but you will get a good overview of how … Read more

ArubaOS Controller Whitelist Sync with ClearPass

Reading Time: 10 minutes I was writing some new posts and realized that I missed one basic post for you. If you ever went through the process of provisioning many new AP’s to a controller, you may be looked for a simpler way to do the provisioning work. The solution is the whitelist. Every ArubaOS controller has an internal whitelist … Read more

iMC Operator Login with Radius (ClearPass)

Reading Time: 5 minutes Long ago, I configured my iMC server to use AD based operator login. you can read the post here. After having ClearPass up and running I will do the iMC operator login with radius. This post describes how this works. iMC Operator Login: Prepare ClearPass The first step is to prepare ClearPass. Those are the normal steps … Read more

External SQL Authentication Source with ClearPass

Reading Time: 3 minutes Recently, I had a customer who had all of his user accounts in an external SQL database and we were looking for a way to authenticate against this external SQL authentication source with ClearPass. It is easy, to get this working and the following post demonstrates the configuration. ClearPass supports MSSQL, Oracle and PostgreSQL out … Read more

MAC Authentication with Username using ClearPass

Reading Time: 5 minutes Ever wondered why you can’t use MAC authentication and get the correct username for monitoring purposes, for example? Actually, with ClearPass you can use MAC authentication with a username. You can return the correct username, not the MAC address so that monitoring applications can use this username instead of the MAC address. Configure the Controller … Read more

Operator Login with Radius Authentication and Authorization

Reading Time: 4 minutes This time is all about radius based operator login, as some devices might not support TACACS+. The post describes the operator login with radius authentication and command authorization. This post covers only the ArubaOS devices which do not support TACACS+ command authorization. Operator Login with Radius on ArubaOS Switches For those ArubaOS switches, which do … Read more

Operator Login with ClearPass TACACS+

Reading Time: 10 minutes This post is all about operator login with ClearPass. I show the implementation of authenticating a network operator to Aruba Switches, Comware based switches, Aruba Controller and AirWave. For some devices, I will show the process with TACACS+. For those, which do not support TACACS+, I use radius authentication, which I describe in a later … Read more

Aruba Instant with External Captive Portal

Reading Time: 7 minutes This time, I write about the scenario, using Aruba Instant with external captive portal. With external portal, I did not mean ClearPass. It can be a simple web server, with a simple web page, hosing the captive portal. I show, how to send back the information to Instant AP and get the user online. How … Read more