Hi All,
Did anybody successfully deploy Aruba stateful dot1x feature to achieve
interoperability with third-party AP?
We would like to explore this feature in the following way. Trunk WLANs
from third-party AP to a Aruba aggregator/concentrator AP wired port,
third-party AP will do dot1x authentication for its client while Aruba
do the stateful dot1x for passing thru third-party AP client. In this
way, we can lift the campus wide layer 2 VLAN requirement for the
interoperability.
Another thing related to this, if we want to use VLAN pooling feature on
Aruba side, could we mimic the VLAN pooling on third-party AP in the
following way?
Third-party AP will be in distinct block of IP address space. In
freeradius we could do the following logic
If ( Aruba ) {
Return role name
#so Aruba can map to the VLAN pool
} elsif ( Third-party-AP) {
Hash "calling-station-id"
Return the vlan name or number as the same as the Aruba
VLAN pool hash result
}
The benefit of this is that roaming station could keep the same IP
address between Aruba and third-party APs.
Any comment are welcome!
Shiling
******************************
Shiling Ding, CCIE
[email protected]
Network Specialist
Information Technology Services
Florida State University
******************************
**********
Participation and subscription information for this EDUCAUSE Constituent Group
discussion list can be found at http://www.educause.edu/groups/.
