Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1399
Views
0
Helpful
1
Replies

Some Aruba WLCs only authenticating when configured with Juniper device profile in Indentity Services Engine.

Go to solution
franjean47
Level 1
Level 1

‎09-28-2020 06:26 AM - edited ‎09-28-2020 06:33 AM

In our environment we have Juniper and Aruba WLCs that have been deployed and configured both types with their respective Device Profile Types. All the Junipers are placed in 1 Network Group Location where the policy set is configured to allow access to the Juniper Authorization Result and the Arubas with similar configuration to allow access with a different policy to the Aruba Authorization Result. 

We have some Arubas that only work with the Juniper device profile and Juniper Authorization result, while the rest of them (roughly 50%) work using the Aruba device profile and Aruba Authorization result. In the detailed authentication report we see that for the Arubas that are not working properly the Authentication Method and Service Type are the same as for the Junipers but different from the Arubas that are working properly.

All the Junipers work as expected.

 

So the questions that I have are the following

1. Why are some the Arubas only working when we configure them as Junipers in ISE; is it because the Authentication Method and Service Type settings can only be properly handled with the Juniper Device Profile in combination with a Juniper Authorization Result (currently observed behavior) ?

 

2.  If the above is the reason, where can those settings be modified/changed; is it the endpoints/devices (laptops, desktops etc) that determines them or the WLCs?

Preview file
23 KB
Preview file
18 KB
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
marce1000
VIP
VIP

‎09-28-2020 08:02 AM

 - Check if these info's can help you : 

            https://www.cisco.com/c/en/us/support/docs/security/identity-services-engine/200270-ISE-2-0-3rd-Party-integration-with-Aruba.html

           https://community.cisco.com/t5/network-access-control/cisco-ise-integration-with-aruba-wlc/m-p/3484904

 M.



-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
    When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '

View solution in original post

0 Helpful
1 Reply 1

Go to solution
marce1000
VIP
VIP

‎09-28-2020 08:02 AM

 - Check if these info's can help you : 

            https://www.cisco.com/c/en/us/support/docs/security/identity-services-engine/200270-ISE-2-0-3rd-Party-integration-with-Aruba.html

           https://community.cisco.com/t5/network-access-control/cisco-ise-integration-with-aruba-wlc/m-p/3484904

 M.



-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
    When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '
0 Helpful
Customers Also Viewed These Support Documents