One of my customers is using ISE and Aruba wireless. The Aruba wireless is broadcasting a Eduroam SSID. They are having issues with students authenticating to the Eduroam SSID. Below is the description of the issue:
"The problem is in the user authentication from ISE to LDAP. According to Eduroam enigneers, the password needs to be unhashed from ISE to LDAP in order for it to work. What was recommended was TTLS PAP. On the Aruba controllers, that is not an option that we can see. Options are TLS/GTC or PEAP/MSCHAPV2. So the question is, are there any other clients with an Aruba install broadcasting an Eduroam SSID, utilizing ISE with LDAP as their external identity server? I know another customer is currently running an Aruba install with ISE but are running it against AD. Which works well in our environment as well. But all of the student records are within LDAP."
The customer was provided with this following guide:
https://communities.cisco.com/docs/DOC-75525
They also have a TAC case open as well.
Any help is appreciated.
Thanks,
Dan