Aruba Virtual Controller

This page explains different configuration scenarios for Aruba Virtual Controller and authentication with IronWifi.

Captive Portal and Sign-on with IronWifi RADIUS

aruba_captive_portal1

 

Sign-in to the Aruba Administration console available at http://instant.arubanetworks.com:4343.


 

aruba_captive_portal2

Navigate to Network -> Edit and open configuration settings of a network that should be protected with a Captive Portal with RADIUS authentication - aruba qa in our example.


 

aruba_captive_portal3

 

Configure Client IP & VLAN Assignment. In our example, we keep the default settings.

 


 

arubacaptive_portal4

 

Navigate to the Security tab and configure Security Level:

Splash page type: External

Captive portal profile: qa in our example

Auth server 1: qa in our example

Accounting: Use authentication servers

Encryption: Disabled


aruba_captive_portal5

 

Click on the Edit button next to the Captive portal profile and enter values from the IronWifi console:

Type: Radius Authentication

IP or hostname: console.ironwifi.com

URL: /api/pages/46/

Port: 443

Use http: Enabled

Captive Portal failure: Deny internet

Automatic URL Whitelisting: Enabled

Redirect URL: empty


 


aruba_external_radius6

 

Click on the Edit button next to the Auth server 1 and enter values from the IronWifi console:

IP address: 81.89.56.92 in our example

Auth port: 5701

Accounting port: 5702

Shared key: xxxxxxxxx


 

aruba_walled_garden7

 

Click on the Walled garden link and enter values from the IronWifi console:

Whitelist: all IP addresses and hostname from IronWifi console

 


 

 

allow https

 

By default, Aruba controller will intercept HTTPS traffic to all external servers breaking SSL connections. To prevent this, we need to create new Role permitting TCP connections to port 443 on external servers - splash.ironwifi.com, google.com, facebook.com etc.

 

pre-authentication

Enable the Assign pre-authentication role and select create role. Click on the Finish button to apply new settings.