Aruba Downloadable User Roles

Downloadable User Role Flow Chart

Reading Time: 16 minutesThis post is all about Aruba Downloadable User Roles and how to use them for wired and wireless access with dot1x and mac authentication. If you use Downloadable User Roles, you get a central point of configuration for all access-related configurations. ClearPass, which is used as the radius server, will have all the roles available. … Read more

Aruba AP Authentication

Campus AP Authentication - Provision AP for EAP-TLS

Reading Time: 19 minutesMost organizations are moving to a network where all ports are authenticated. This could lead to problems when we try to connect an AP to a network port as AP authentication is more than just an accept. There are two types of AP that might be considered. First, the Campus AP, which needs to connect … Read more

ClearPass SSO with Azure AD

ClearPass SSO with Azure AD - Setup SSO

Reading Time: 7 minutesIn this post, I show how to configure ClearPass SSO with Azure AD. I use SSO (single sign-on) to authenticate operators, using ClearPass. To use SSO for users to authenticate against the network and onboard new devices, for example, will be a later post. What and Why? So what is SSO or single sign-on? Actually … Read more

IAP VPN Guest Solution With Captive Portal

Reading Time: 7 minutesAfter my last post about an IAP VPN, I’ve got a lot of questions regarding an IAP VPN guest solution, either with or without a captive portal. This post is all about an IAP VPN guest solution. I use a controller as the VPN concentrator and for the captive portal. You can use ClearPass for the … Read more

Captive Portal without PEFNG License on ArubaOS8

Reading Time: 6 minutesOn a regular basis, I get the question on how to configure a wireless captive portal without the PEFNG license on the controller. This post is to address this and to show how you can use a wireless captive portal without PEFNG license. Notice, I always recommend using PEFNG license. Not to use PEFNG should … Read more

ClearPass Guest Operator Login with AD

Reading Time: 5 minutesClearPass Guest is one of the most used guest systems and makes it very easy to allow specific people or a group of people to create guest accounts. They can also maintain their own accounts. To allow this you need to configure the ClearPass Guest operator login. The last post about operator login for ClearPass covered the login … Read more

ClearPass Operator Login with Active Directory

Reading Time: 4 minutesWhen you setup ClearPass, you always need to authenticate your operator. In this post, I will describe an easy way to use Active Directory for ClearPass operator login. I use AD here because most of my customers use AD. So, we can work with it and do not have to set up something new or … Read more

How To use the ClearPass RestAPI

Reading Time: 7 minutesThis article is all about the ClearPass RestAPI. My goal is to give you a short overview of the capabilities of the ClearPass RestAPI and show one possible use case. Maybe you can comment on the article and describe your use case. I’m working on a project with the need to onboard a device with ClearPass. … Read more

MAC Authentication with Username using ClearPass

Reading Time: 5 minutesEver wondered why you can’t use MAC authentication and get the correct username for monitoring purposes, for example? Actually, with ClearPass you can use MAC authentication with a username. You can return the correct username, not the MAC address so that monitoring applications can use this username instead of the MAC address. Configure the Controller … Read more