MetaDefender NAC Cloud
Summary
This document provides scripts to complete the installation of RADIUS NAC connect Aruba Wireless Controller.
Note: We use hostname nac-b.opswat.com or nac-eu.opswat.com (for EU regions) for our cloud resources.
Prepare Certificates
From your account, download the RadSec Client certificate.
Upon extraction, a sample Certificate folder should looks like:
Aruba Configuration
Import certificates:
- Import the root certificate of the CA that has issued your RADIUS NAC with the type CA certificate
- Import your Aruba Client certificate with the type Server certificate
- Setup Radius and Role
conf taaa rfc-3576-server <NAC-IP>key radsecenable-radsec!aaa authentication-server radius "NAC_RBE"host <NAC-IP>enable-radsecradsec-trusted-cacert-name "RadiusCA"radsec-client-cert "RadSec"!aaa authentication-server radius "NAC_Acct"host <NAC-IP>enable-radsecradsec-trusted-cacert-name "RadiusCA"radsec-client-cert "RadSec"!aaa authentication dot1x "NAC-dot1x_prof"end!write memory- Create OpenWireless Example
conf taaa server-group "NAC_RBE_svrgrp"auth-server "NAC_RBE" position 1!aaa server-group "NAC_Acct_svrgrp"auth-server "NAC_Acct" position 1!aaa authentication mac "SC_Open_RBE_Mac_Auth"delimiter nonecase upper!aaa profile "NAC-Open_SSID"authentication-mac "SC_Open_RBE_Mac_Auth"mac-server-group "NAC_RBE_svrgrp"radius-accounting "NAC_Acct_svrgrp"radius-interim-accountingrfc-3576-server <NAC-IP>!wlan ht-ssid-profile "NAC-Open-htssid_prof"!wlan ssid-profile "NAC-Open-ssid_prof"essid "NAC-Open"ht-ssid-profile "NAC-Open-htssid_prof"!wlan virtual-ap "NAC-Open-vap_prof"aaa-profile "NAC-Open_SSID"ssid-profile "NAC-Open-ssid_prof"vlan <VLAN-ID>!ap-group "NAC"virtual-ap "NAC-Open-vap_prof"!end!write memoryWas this page helpful?
