cnPilot with Aruba Clearpass as Radius Server

Hey Guys,

does anyone has any experience with the cnPilot products in combination with the aruba Clearpass?

i don't get any communication with these two products.

If i use another radius (for testing purposes) it works. But no chance with the aruba clearpass.

Is this combination generally possible?

Maybe someone can help me

Regards 

Michael

Hi Michael, 

I need to check if clear pass was tested on CnPilot. 

I hope this is for enterprise WPA2 authenication with clear pass, please confirm. 

Do we have any log from the clear pass? that would help us understand where it is failing. 

Hi Michael,

What are you trying to achieve? Is Clear Pass acting as a AAA or is it tunneling traffic into it, so it can analyze header information and provide data such as traffic type classificaiton etc?  For example, we support L2oGRE tunneling to 3rd party gateways (such as MicroTik) etc.

cnPilot products work wtih many 3rd party backend systems like Cloud-4-Wi and Purple Wi-Fi, so unless there are specific restriction by Aruba, we should be able to interoperate with a Clearpass controller

Can you share the use case you are trying to do and the architecure of how you plan to connect them?

Hey 

sorry for my late answer.

We solved the problem and everything works fine (was an error in our network...the firewall blocked the communication. Not the whole communication but the authentication request)

FYI

L2GRE is not supported in Mikrotik because Mikrotik didn't use open standard GRE.

This statement said by Mikrotik Forum Guru and I test myself.

So for L2GRE, cambium way is to connect to cnMaestro as proxy

http://community.cambiumnetworks.com/t5/cnMaestro/cnMaestro-GRE-Tunnel-Configuration-amp-Debugging/m-p/75493

http://community.cambiumnetworks.com/t5/cnPilot-E-Series-Enterprise-APs/Layer-2-Generic-Routing-Encapsulation-L2GRE-softGRE-support-on/td-p/63514
https://community.cambiumnetworks.com/t5/cnMaestro/Feature-Overview-L2GRE-EoGRE-Tunnel-Concentrator-on-cnMaestro/td-p/68379

We are trying to connect Cambium APs with Clearpass as a Radius.
But are Unable to connect the devices.
Can you please help us as per your experience.

As mentioned by "Michael_rh" earlier in the same thread, clearpass AAA with cnPilot AP should work. Please make sure that the NAS client and policy matching the AP to authenticate. Please share the clear pass debug logs. 

hi,

may be clear pass looking few additional radius attributes which we can configure using ap cli

E430-368BB9_Anandisusing(config-wlan-1)# radius-server rad-attr service-type

 

  <1-11> <Login:1|Framed:2|Callback Login:3|Callback Framed:4|Outbound:5|Administrative:6|NAS Prompt:7|Authenticate Only:8|Callback NAS Prompt:9|Call Check:10|Callback Administrative:11>