Add to collection(s) Add to saved
  1. No category
Uploaded by jertmann

Aruba wireless LAN controller - Passpoint configuration – Help Center

advertisement 
12/20/22, 5:51 AM
Aruba wireless LAN controller - Passpoint configuration – Help Center
☰ Sign in
Help Center > Cloud4Wi Platform > WiFi network configuration
🔍
Search
Aruba wireless LAN
controller - Passpoint
configuration
This guide describes how to set up and test your Aruba wireless environment so you
can use it with Cloud4Wi Paspoint service. You’ll create a set of configuration profiles
that you assign to a virtual access point.
Log in to the Aruba wireless LAN controller dashboard as a user with
administrative privileges.
Configure Hotspot 2.0.
Set up a secure RADIUS connection.
Create the wireless LAN.
Assign all profiles to a virtual access point.
Troubleshoot the configuration.
https://cloud4wi.zendesk.com/hc/en-us/articles/7717854672653-Aruba-wireless-LAN-controller-Passpoint-configuration
1/47
12/20/22, 5:51 AM
Aruba wireless LAN controller - Passpoint configuration – Help Center
Prerequisites
This user guide applies to Aruba Mobility Controllers with AOS 8.x or later.
AOS 6.4.x is the minimum version to support Passpoitn capabilities (documentation
coming soon).
Log in to the Aruba wireless
LAN controller
To start the configuration process, log in to the Aruba wireless controller dashboard as
admin. For existing environments with additional users, log in as a user with
administrative privileges.
The Aruba Dashboard appears.
https://cloud4wi.zendesk.com/hc/en-us/articles/7717854672653-Aruba-wireless-LAN-controller-Passpoint-configuration
2/47
12/20/22, 5:51 AM
Aruba wireless LAN controller - Passpoint configuration – Help Center
Note: There are a number of options to set. Only the options that require your input are
shown. Default values are used for options that don’t need adjustment.
Configure Hotspot 2.0
Hotspot 2.0 allows mobile devices to join a WiFi network automatically, including during
roaming, when the devices enter the Hotspot 2.0 area.
Define ANQP profiles
https://cloud4wi.zendesk.com/hc/en-us/articles/7717854672653-Aruba-wireless-LAN-controller-Passpoint-configuration
3/47
12/20/22, 5:51 AM
Aruba wireless LAN controller - Passpoint configuration – Help Center
Access Network Query Protocol (ANQP) provides a range of information, such as IP
address type and availability, and roaming partners accessible through a hotspot.
Note: Because the process for defining ANQP profiles is the same for all ANQP profiles,
detailed screen captures are shown only for the first ANQP profile definition.
ANQP Domain Name Profile
The ANQP Domain Name Profile identifies the hotspot operator domain name.
1. Select Configuration and then System from the menu on the left side of the
Aruba Dashboard.
2. Select the Profiles tab on the top right of the dashboard. A list of all profiles
appears.
3. Select Wireless LAN from the Profiles list.
4. Under Wireless LAN, select ANQP Domain Name. On the right side of the page,
an area appears where you’ll define the profile.
https://cloud4wi.zendesk.com/hc/en-us/articles/7717854672653-Aruba-wireless-LAN-controller-Passpoint-configuration
4/47
12/20/22, 5:51 AM
Aruba wireless LAN controller - Passpoint configuration – Help Center
5. Click + next to ANQP Domain Name Profile to add the profile. Text boxes appear.
6. Enter the Profile Name and Domain Name into the text boxes, such
as “PasspointProfile” and the domain provided in the Passpoint setting page of
your Cloud4Wi dashboard, such as “testhotspot.securewifi.io”.
7. Click Submit on the bottom right. This saves and loads the configuration.
https://cloud4wi.zendesk.com/hc/en-us/articles/7717854672653-Aruba-wireless-LAN-controller-Passpoint-configuration
5/47
12/20/22, 5:51 AM
Aruba wireless LAN controller - Passpoint configuration – Help Center
8. Click Pending Changes on the top right.
The Pending Changes dialog box appears.
9. Click Deploy Changes to commit the configuration.
The completed profile should look similar to this image.
https://cloud4wi.zendesk.com/hc/en-us/articles/7717854672653-Aruba-wireless-LAN-controller-Passpoint-configuration
6/47
12/20/22, 5:51 AM
Aruba wireless LAN controller - Passpoint configuration – Help Center
Note: A completed profile shows a “Submit As” selection next to “Cancel” and
“Submit”. You only use “Submit As” if you’re changing an existing configuration.
ANQP NAI Realm Profile
The NAI Realm Profile describes the Network Access Identifier (NAI) values and the
method used for authentication. The values you enter here are reflected in the Generic
Advertisement Service (GAS) Response frame.
1. Select Configuration and then System from the menu on the left side of the
Aruba Dashboard.
2. Select the Profiles tab on the top right of the dashboard. A list of all profiles
appears.
3. Select Wireless LAN from the Profiles list.
4. Under Wireless LAN, select ANQP NAI Realm. On the right side of the page, an
area appears where you’ll define the profile.
5. Click + next to ANQP NAI Realm Profile to add the profile. Text boxes appear.
6. Enter the Profile Name and NAI Realm Name into the text boxes, such as
“Cloud4Wi_Realm_Profile” and “*.securewifi.io”.
7. For NAI Realm Encoding, take the default value (uses a UTF-8 formatted
character string).
8. (Optional) Click the checkbox next to NAI Home Realm to specify this as the
Home Realm.
9. Select eap-ttls for NAI Realm EAP Method 1. The ANQP NAI Realm
Authentication Param 1 information box appears.
https://cloud4wi.zendesk.com/hc/en-us/articles/7717854672653-Aruba-wireless-LAN-controller-Passpoint-configuration
7/47
12/20/22, 5:51 AM
Aruba wireless LAN controller - Passpoint configuration – Help Center
10. Click + at the bottom left of the ANQP NAI Realm Authentication Param 1 box.
The Add New dialog box appears.
11. For ID, select credential-type. For Value, select cred-cert.
12. Click again + at the bottom left of the ANQP NAI Realm Authentication Param
1 box. The Add New dialog box appears.
For ID select non-eap-inner-auth. For Value, select non-eap-mschapv2
13. Click again + at the bottom left of the ANQP NAI Realm Authentication Param
1 box. The Add New dialog box appears.
https://cloud4wi.zendesk.com/hc/en-us/articles/7717854672653-Aruba-wireless-LAN-controller-Passpoint-configuration
8/47
12/20/22, 5:51 AM
Aruba wireless LAN controller - Passpoint configuration – Help Center
For ID select expanded-inner-e… For Value, select eap-method-ttls
14. Click OK.
15. Click Submit on the bottom right. This saves and loads the configuration.
16. Click Pending Changes on the top right. The Pending Changes dialog box
appears.
17. Click Deploy Changes to commit the configuration.
The completed profile should look similar to this image.
ANQP Roaming Consortium Profile
The Roaming Consortium Profile defines the service provider identity in beacons and
probe responses to clients.
1. Select Configuration and then System from the menu on the left side of the
Aruba Dashboard.
2. Select the Profiles tab on the top right of the dashboard. A list of all profiles
appears.
https://cloud4wi.zendesk.com/hc/en-us/articles/7717854672653-Aruba-wireless-LAN-controller-Passpoint-configuration
9/47
12/20/22, 5:51 AM
Aruba wireless LAN controller - Passpoint configuration – Help Center
3. Select Wireless LAN from the Profiles list.
4. Under Wireless LAN, select ANQP Roaming Consortium. On the right side of
the page, an area appears where you’ll define the profile.
5. Click + next to ANQP Roaming Consortium Profile to add the profile. Text boxes
appear.
6. Enter the Profile Name, such as “PasspointProfile”.
7. Enter "004096" for the Roaming Consortium OI Value.
8. Click Submit on the bottom right. This saves and loads the configuration.
9. Click Pending Changes on the top right. The Pending Changes dialog box
appears.
10. Click Deploy Changes to commit the configuration.
The completed profile should look similar to this image.
https://cloud4wi.zendesk.com/hc/en-us/articles/7717854672653-Aruba-wireless-LAN-controller-Passpoint-configuration
10/47
12/20/22, 5:51 AM
Aruba wireless LAN controller - Passpoint configuration – Help Center
ANQP Venue Name Profile
The ANQP Venue Name Profile defines information elements for venue group and
venue type, with a provision for a valid venue URL. The venue name is a unique
identifier for each business site. For example, if your business is a coffee shop with 3
locations, each location is a specific site.
11. Select Configuration and then System from the menu on the left side of the
Aruba Dashboard.
12. Select the Profiles tab on the top right of the dashboard. A list of all profiles
appears.
13. Select Wireless LAN from the Profiles list.
14. Under Wireless LAN, select ANQP Venue Name. On the right side of the page,
an area appears where you’ll define the profile.
15. Click + next to ANQP Venue Name Profile to add the profile. Text boxes appear.
https://cloud4wi.zendesk.com/hc/en-us/articles/7717854672653-Aruba-wireless-LAN-controller-Passpoint-configuration
11/47
12/20/22, 5:51 AM
Aruba wireless LAN controller - Passpoint configuration – Help Center
16. Enter the Profile Name into the text box, such as “PasspointProfile”.
17. Select an appropriate Venue Group and Venue Type. (They default to
“unspecified”.)
18. Enter the Venue Name, such as "TestArubaVenue".
19. Click Submit on the bottom right. This saves and loads the configuration.
20. Click Pending Changes on the top right. The Pending Changes dialog box
appears.
21. Click Deploy Changes to commit the configuration.
The completed profile should look similar to this image.
H2QP WAN Metrics
The ANQP Venue Name Profile defines a Hotspot 2.0 Query Protocol (H2QP) profile
that specifies the hotspot WAN status and link metrics. The values under this category
indicate the WAN Link capacity, speed and status.
https://cloud4wi.zendesk.com/hc/en-us/articles/7717854672653-Aruba-wireless-LAN-controller-Passpoint-configuration
12/47
12/20/22, 5:51 AM
Aruba wireless LAN controller - Passpoint configuration – Help Center
1. Select Configuration and then System from the menu on the left side of the
Aruba Dashboard.
2. Select the Profiles tab on the top right of the dashboard. A list of all profiles
appears.
3. Select Wireless LAN from the Profiles list.
4. Under Wireless LAN, select H2QP WAN Metrics. On the right side of the page,
an area appears where you’ll define the profile.
5. Click + next to H2QP WAN Metrics to add the profile. Text boxes appear.
6. Enter the Profile Name into the text box, such as “PasspointProfile”.
7. Select the “link_up” option for the H2QP WAN metrics link status. (They default
to “reserved”.)
8. Check the box next to H2QP WAN metrics symmetric WAN link if the site has a
WAN link with symmetric speed in both the uplink and downlink directions.
(Optional)
9. Note: DO NOT check the option H2QP WAN metrics link at capacity since this
indicates that the WAN Link has reached its maximum capacity. If this parameter is
enabled, no additional mobile devices will be permitted to associate to the hotspot.
10. Select values consistent with the WAN link capacity for WAN Metrics uplink
speed: (0 - 2,147,483,647 Kbps). This indicates the current WAN backhaul uplink
speed in Kbps. If no value is set, this parameter will show a default value of 0 to
indicate that the uplink speed is unknown or unspecified. E.g. 10000
11. Select values consistent with the WAN link capacity for WAN Metrics downlink
speed: (0 - 2,147,483,647 Kbps). This indicates the current WAN backhaul
downlink speed in Kbps. If no value is set, this parameter will show a default value
of 0 to indicate that the downlink speed is unknown or unspecified. E.g. 10000
https://cloud4wi.zendesk.com/hc/en-us/articles/7717854672653-Aruba-wireless-LAN-controller-Passpoint-configuration
13/47
12/20/22, 5:51 AM
Aruba wireless LAN controller - Passpoint configuration – Help Center
12. Select values consistent with the WAN link capacity for WAN Metrics uplink
load: (1-100) this indicates the percentage of the WAN uplink that is currently
utilized. If no value is set, this parameter will show a default value of 0 to indicate
that the downlink speed is unknown or unspecified.
13. Select values consistent with the WAN link capacity for WAN Metrics downlink
load: (1-100) this configures the percentage of the WAN downlink that is currently
utilized. If no value is set, this parameter will show a default value of 0 to indicate
that the downlink speed is unknown or unspecified.
14. Click Submit on the bottom right. This saves and loads the configuration.
15. Click Pending Changes on the top right. The Pending Changes dialog box
appears.
16. Click Deploy Changes to commit the configuration.
The completed profile should look similar to this image.
https://cloud4wi.zendesk.com/hc/en-us/articles/7717854672653-Aruba-wireless-LAN-controller-Passpoint-configuration
14/47
12/20/22, 5:51 AM
Aruba wireless LAN controller - Passpoint configuration – Help Center
Configure the Advertisement Profile
You assign the ANQP profiles you defined to an Advertisement Profile. The
Advertisement Profile collects ANQP profiles into an entity that the Hotspot 2.0 wireless
LAN can broadcast (advertise).
Create the Advertisement Profile
1. Select Configuration and then System from the menu on the left side of the
Aruba Dashboard.
2. Select the Profiles tab on the top right of the dashboard. A list of all profiles
appears.
3. Select Wireless LAN from the Profiles list.
4. Under Wireless LAN, select Advertisement. On the right side of the page, an
area appears where you’ll define the profile.
https://cloud4wi.zendesk.com/hc/en-us/articles/7717854672653-Aruba-wireless-LAN-controller-Passpoint-configuration
15/47
12/20/22, 5:51 AM
Aruba wireless LAN controller - Passpoint configuration – Help Center
5. Click + next to Advertisement Profile to add the profile. Text boxes appear.
6. Enter the Profile Name, such as “Aruba Passpoint”.
https://cloud4wi.zendesk.com/hc/en-us/articles/7717854672653-Aruba-wireless-LAN-controller-Passpoint-configuration
16/47
12/20/22, 5:51 AM
Aruba wireless LAN controller - Passpoint configuration – Help Center
7. Click Submit on the bottom right. This saves and loads the configuration.
8. Click Pending Changes on the top right.
The Pending Changes dialog box appears.
9. Click Deploy Changes to commit the configuration.
Assign ANQP profiles to the Advertisement Profile
Assign (link) the ANQP profiles you defined previously to the Advertisement Profile.
1. From the Aruba Dashboard, select Configuration > System > Wireless LAN >
Advertisement > Cloud4Wi_AdvProfile > ANQP Domain Name. The ANQP
Domain Name Profile information box appears.
https://cloud4wi.zendesk.com/hc/en-us/articles/7717854672653-Aruba-wireless-LAN-controller-Passpoint-configuration
17/47
12/20/22, 5:51 AM
Aruba wireless LAN controller - Passpoint configuration – Help Center
2. Click + at the bottom left of the ANQP Domain Name Profile information box.
The Add New dialog box appears.
3. Select the ANQP Domain Name Profile you defined.
4. Click OK.
5. Click Submit on the bottom right. This saves and loads the configuration.
6. Click Pending Changes on the top right. The Pending Changes dialog box
appears.
7. Click Deploy Changes to commit the configuration.
8. Repeat the process in steps 1-7 to assign the rest of the ANQP profiles to the
Advertisement Profile. You have to submit and deploy changes for each ANQP
profile.
ANQP NAI Realm
ANQP Roaming Consortium
ANQP Venue Name
H2QP WAN Metrics
https://cloud4wi.zendesk.com/hc/en-us/articles/7717854672653-Aruba-wireless-LAN-controller-Passpoint-configuration
18/47
12/20/22, 5:51 AM
Aruba wireless LAN controller - Passpoint configuration – Help Center
Configure the Hotspot 2.0 Profile
You create a Hotspot 2.0 Profile and assign (link) the Advertisement Profile to it.
Create the Hotspot 2.0 Profile
1. Select Configuration and then System from the menu on the left side of the
Aruba Dashboard.
2. Select the Profiles tab on the top right of the dashboard. A list of all profiles
appears.
3. Select Wireless LAN from the Profiles list.
4. Under Wireless LAN, select Hotspot 2.0. On the right side of the page, an area
appears where you’ll define the profile.
https://cloud4wi.zendesk.com/hc/en-us/articles/7717854672653-Aruba-wireless-LAN-controller-Passpoint-configuration
19/47
12/20/22, 5:51 AM
Aruba wireless LAN controller - Passpoint configuration – Help Center
5. Click + next to Hotspot 2.0 Profile to add the profile. Text boxes appear.
6. Complete this information for the Hotspot 2.0 profile.
Profile name—Enter an appropriate profile name, such as “PasspointProfile”.
Advertise Hotspot 2.0 Capability—Click the checkbox.
Access network Type—Select an appropriate option, such as “public-chargeable”.
Roaming Consortium OI value 1—Enter "004096".
Venue Group Type—Select an appropriate option, such as “business”.
Venue Type—Select an appropriate option, such as “business-professional-office”.
RADIUS Chargeable User Identity(RFC4372):—Click the checkbox.
RADIUS Location Data (RFC5580)—Click the checkbox.
https://cloud4wi.zendesk.com/hc/en-us/articles/7717854672653-Aruba-wireless-LAN-controller-Passpoint-configuration
20/47
12/20/22, 5:51 AM
Aruba wireless LAN controller - Passpoint configuration – Help Center
7. Click Submit on the bottom right. This saves and loads the configuration.
8. Click Pending Changes on the top right.
The Pending Changes dialog box appears.
9. Click Deploy Changes to commit the configuration.
The completed profile should look similar to this image.
https://cloud4wi.zendesk.com/hc/en-us/articles/7717854672653-Aruba-wireless-LAN-controller-Passpoint-configuration
21/47
12/20/22, 5:51 AM
Aruba wireless LAN controller - Passpoint configuration – Help Center
Assign the Advertisement Profile to the Hotspot 2.0 Profile
Assign (link) the Advertisement Profile you defined previously to the Hotspot 2.0 Profile.
1. From the Aruba Dashboard, select Configuration > System > Wireless LAN >
Hotspot 2.0 > Cloud4Wi_HS > Advertisement. The Advertisement Profile:
PasspointProfile information box appears.
2. Select the Advertisement Profile you defined.
https://cloud4wi.zendesk.com/hc/en-us/articles/7717854672653-Aruba-wireless-LAN-controller-Passpoint-configuration
22/47
12/20/22, 5:51 AM
Aruba wireless LAN controller - Passpoint configuration – Help Center
3. Click Submit on the bottom right. This saves and loads the configuration.
4. Click Pending Changes on the top right. The Pending Changes dialog box
appears.
5. Click Deploy Changes to commit the configuration.
Set up a secure RADIUS
connection
Configure Authentication Servers
https://cloud4wi.zendesk.com/hc/en-us/articles/7717854672653-Aruba-wireless-LAN-controller-Passpoint-configuration
23/47
12/20/22, 5:51 AM
Aruba wireless LAN controller - Passpoint configuration – Help Center
We recommend you create both the primary RADIUS authentication server and the
secondary RADIUS authentication server. Then you’ll create a server group for them.
Add RADIUS authentication servers
1. Select Configuration and then Authentication from the menu on the left side of
the Aruba Dashboard.
2. Select the Auth Servers tab on the top left of the dashboard. A list of RADIUS
authentication servers appears, including servers and server groups.
3. Click + at the bottom left of the All Servers information box. The New Server
dialog box appears.
4. Enter the server Name, such as “Primary Radius”.
5. Enter the IP address/hostname of the RADIUS: 52.48.102.108
6. Take the default server Type of RADIUS.
https://cloud4wi.zendesk.com/hc/en-us/articles/7717854672653-Aruba-wireless-LAN-controller-Passpoint-configuration
24/47
12/20/22, 5:51 AM
Aruba wireless LAN controller - Passpoint configuration – Help Center
7. Click Submit. The RADIUS server you added appears in the All Servers list.
8. Double click the server you added to specify its properties. A list of Server
Options appears.
9. Complete this information for the RADIUS server.
Auth port—Take the default of 1812.
Acc port—Take the default of 1813.
Shared key—Enter the RADIUS server secret provided by Cloud4wi
https://cloud4wi.zendesk.com/hc/en-us/articles/7717854672653-Aruba-wireless-LAN-controller-Passpoint-configuration
25/47
12/20/22, 5:51 AM
Aruba wireless LAN controller - Passpoint configuration – Help Center
Retype key—Re-enter the RADIUS server secret provided by Cloud4wi
NAS ID—Enter a valid site identifier for your venue. Cloud4Wi uses the RADIUS
NAS ID to identify your venue (a site location) with each RADIUS access request.
Station ID type—(Optional) Choose a valid Station ID type.
10. Click Submit on the bottom right. This saves and loads the configuration.
11. Click Pending Changes on the top right.
The Pending Changes dialog box appears.
12. Click Deploy Changes to commit the configuration.
13. Repeat steps 1-11 to add the secondary RADIUS servers, such as “Secundary
Radius”, usign the IP address 34.252.97.217
You have to submit and deploy changes for each RADIUS server
https://cloud4wi.zendesk.com/hc/en-us/articles/7717854672653-Aruba-wireless-LAN-controller-Passpoint-configuration
26/47
12/20/22, 5:51 AM
Aruba wireless LAN controller - Passpoint configuration – Help Center
Aggregate the RADIUS servers into a server group
You can create groups of servers for specific types of authentication.
1. From the Aruba Dashboard, select Configuration > System > Configuration >
Authentication > Auth Servers. A list of RADIUS authentication servers appears,
including servers and server groups.
2. Click + at the bottom left of the Server Groups information box.
The Add Server Group dialog box appears.
3. Enter the server Name, such as “C4W Radius Group”.
4. Click Submit.
5. Select the newly created server group in the Server Groups list.
6. Click + at the bottom left of the Server Groups information box to add a server to
the server group. The New Server for <servergroupname> dialog box appears.
7. Select a server to add to the server group.
https://cloud4wi.zendesk.com/hc/en-us/articles/7717854672653-Aruba-wireless-LAN-controller-Passpoint-configuration
27/47
12/20/22, 5:51 AM
Aruba wireless LAN controller - Passpoint configuration – Help Center
8. Click Submit.
The RADIUS server you selected appears in the list of servers for the server group.
Configure the 802.1X Authentication Profile
1. Select Configuration and then Authentication from the menu on the left side of
the Aruba Dashboard.
2. Select the L2 Authentication tab on the top middle of the dashboard. Then
select 802.1X Authentication.
On the right side of the page, an area appears where you’ll define the profile.
https://cloud4wi.zendesk.com/hc/en-us/articles/7717854672653-Aruba-wireless-LAN-controller-Passpoint-configuration
28/47
12/20/22, 5:51 AM
Aruba wireless LAN controller - Passpoint configuration – Help Center
3. Click + next to 802.1X Authentication Profile to add the profile. Text boxes
appear.
4. Complete this information for the 802.1X Authentication Profile.
Profile name—Enter an appropriate profile name, such as “C4W 802.1x Profile”
this is to avoid using default profile in the configuration.
5. Click Submit on the bottom right. This saves and loads the configuration.
6. Click Pending Changes on the top right.
https://cloud4wi.zendesk.com/hc/en-us/articles/7717854672653-Aruba-wireless-LAN-controller-Passpoint-configuration
29/47
12/20/22, 5:51 AM
Aruba wireless LAN controller - Passpoint configuration – Help Center
The Pending Changes dialog box appears.
7. Click Deploy Changes to commit the configuration.
The completed 802.1X Profile should look similar to this image.
https://cloud4wi.zendesk.com/hc/en-us/articles/7717854672653-Aruba-wireless-LAN-controller-Passpoint-configuration
30/47
12/20/22, 5:51 AM
Aruba wireless LAN controller - Passpoint configuration – Help Center
Configure the AAA Profile
You create the AAA Profile and then assign (link) the previously defined 802.1X
Authentication Profile and RADIUS Authentication Server Group to the AAA Profile.
Create the AAA Profile
8. Select Configuration and then Authentication from the menu on the left side of
the Aruba Dashboard.
9. Select the AAA Profiles tab on the top middle of the dashboard..
On the right side of the page, an area appears where you’ll define the profile.
10. Click + next to AAA Profile to add the profile. Text boxes appear.
11. Complete this information for the AAA Profile.
Profile name—Enter an appropriate profile name, such as “C4W AAA Profile”.
https://cloud4wi.zendesk.com/hc/en-us/articles/7717854672653-Aruba-wireless-LAN-controller-Passpoint-configuration
31/47
12/20/22, 5:51 AM
Aruba wireless LAN controller - Passpoint configuration – Help Center
RADIUS Interim Accounting—Click the checkbox.
RADIUS Acct-Session-Id In Access-Request—Click the checkbox.
12. Click Submit on the bottom right. This saves and loads the configuration.
13. Click Pending Changes on the top right.
The Pending Changes dialog box appears.
14. Click Deploy Changes to commit the configuration.
The completed AAA Profile should look similar to this image.
https://cloud4wi.zendesk.com/hc/en-us/articles/7717854672653-Aruba-wireless-LAN-controller-Passpoint-configuration
32/47
12/20/22, 5:51 AM
Aruba wireless LAN controller - Passpoint configuration – Help Center
Assign the 802.1X Authentication Profile and Server Group to the
AAA Profile
1. From the Aruba Dashboard, select Configuration > Authentication > AAA
Profiles > AAA.
2. Select 802.1X Authentication under the AAA Profile you defined. The 802.1X
Authentication Profile: C4W 802.1x Profile information box appears.
3. Select the 802.1X Authentication Profile you defined.
https://cloud4wi.zendesk.com/hc/en-us/articles/7717854672653-Aruba-wireless-LAN-controller-Passpoint-configuration
33/47
12/20/22, 5:51 AM
Aruba wireless LAN controller - Passpoint configuration – Help Center
4. Click Submit on the bottom right. This saves and loads the configuration.
5. Select 802.1X Authentication Server Group under the AAA Profile you
defined. The Server Group: Cloud4Wi_dot1_aut information box appears.
6. Select the RADIUS Authentication Server Group you defined.
Note: With redundant servers, we recommend selecting Fail Through so that only
the primary server is active. This avoids asymmetric routing issues.
7. Click Submit on the bottom right. This saves and loads the configuration.
8. Select RADIUS Accounting Server Group under the AAA Profile you
defined. The Server Group: C4W Radius Group information box appears.
9. Select the RADIUS Authentication Server Group you defined.
https://cloud4wi.zendesk.com/hc/en-us/articles/7717854672653-Aruba-wireless-LAN-controller-Passpoint-configuration
34/47
12/20/22, 5:51 AM
Aruba wireless LAN controller - Passpoint configuration – Help Center
10. Click Submit on the bottom right. This saves and loads the configuration.
11. Click Pending Changes on the top right. The Pending Changes dialog box
appears.
12. Click Deploy Changes to commit the configuration.
Configure the wireless LAN
To configure the wireless LAN, you create an SSID profile and then configure the
wireless LAN with the RADIUS Authentication servers.
Create the SSID Profile
https://cloud4wi.zendesk.com/hc/en-us/articles/7717854672653-Aruba-wireless-LAN-controller-Passpoint-configuration
35/47
12/20/22, 5:51 AM
Aruba wireless LAN controller - Passpoint configuration – Help Center
We recommend creating a new SSID to avoid impacting any existing SSID
configurations running in production.
1. Select Configuration and then System from the menu on the left side of the
Aruba Dashboard.
2. Select the Profiles tab on the top right of the dashboard. A list of all profiles
appears.
3. Select Wireless LAN from the Profiles list.
4. Under Wireless LAN, select SSID. On the right side of the page, an area appears
where you’ll define the profile.
https://cloud4wi.zendesk.com/hc/en-us/articles/7717854672653-Aruba-wireless-LAN-controller-Passpoint-configuration
36/47
12/20/22, 5:51 AM
Aruba wireless LAN controller - Passpoint configuration – Help Center
5. Click + next to SSID Profile to add the profile. Text boxes appear.
6. Complete this information for the SSID Profile. Each SSID you create will use the
properties (such as encryption, channel, ESSID and WPA type) you define in the
SSID profile.
Profile name—Enter an appropriate profile name, such as “Aruba Passpoint”.
ESSID—Enter a string value, cannot be left blank.
WPA Passphrase—Check wpa2-aes.
7. Click Submit on the bottom right. This saves and loads the configuration.
8. Click Pending Changes on the top right.
https://cloud4wi.zendesk.com/hc/en-us/articles/7717854672653-Aruba-wireless-LAN-controller-Passpoint-configuration
37/47
12/20/22, 5:51 AM
Aruba wireless LAN controller - Passpoint configuration – Help Center
The Pending Changes dialog box appears.
9. Click Deploy Changes to commit the configuration.
The completed SSID Profile should look similar to this image.
https://cloud4wi.zendesk.com/hc/en-us/articles/7717854672653-Aruba-wireless-LAN-controller-Passpoint-configuration
38/47
12/20/22, 5:51 AM
Aruba wireless LAN controller - Passpoint configuration – Help Center
Create and configure the wireless LAN
1. Select Configuration and then WLANs from the menu on the left side of the
Aruba Dashboard.
A WLANs information box appears.
2. Click + at the bottom left of the WLANs information box. You see properties to
define for the wireless LAN.
3. Complete General properties for the wireless LAN.
Name (SSID)—For example, enter “Aruba Passpoint”. Enter a name that people
who are trying to connect to the network will see.
Primary usage—Select Employee (default value)
Broadcast on—Select All APs (default value) or a group of access points.
Forwarding mode—Select the appropriate forwarding mode for your network.
https://cloud4wi.zendesk.com/hc/en-us/articles/7717854672653-Aruba-wireless-LAN-controller-Passpoint-configuration
39/47
12/20/22, 5:51 AM
Aruba wireless LAN controller - Passpoint configuration – Help Center
4. Click Next on the bottom right.
5. Complete VLANs properties for the wireless LAN per your network requirements.
6. Click Next on the bottom right.
7. Complete Security properties for the wireless LAN. Select Enterprise and
configure its options.
Key management—Select WPA2-Enterprise.
Reauth interval—Enter an appropriate interval (default is 1440 minutes).
https://cloud4wi.zendesk.com/hc/en-us/articles/7717854672653-Aruba-wireless-LAN-controller-Passpoint-configuration
40/47
12/20/22, 5:51 AM
Aruba wireless LAN controller - Passpoint configuration – Help Center
8. Add the RADIUS Authentication servers to the wireless LAN by clicking + in the
bottom left of the Auth servers information box.
9. Select each RADIUS Authentication server and click OK on the bottom right to add
it.
10. Click Next on the bottom right.
11. In the Access properties, select the appropriate Default role for clients who join
the wireless LAN.
https://cloud4wi.zendesk.com/hc/en-us/articles/7717854672653-Aruba-wireless-LAN-controller-Passpoint-configuration
41/47
12/20/22, 5:51 AM
Aruba wireless LAN controller - Passpoint configuration – Help Center
12. Click Finish on the bottom right to save the wireless LAN.
13. Click Submit on the bottom right. This saves and loads the configuration.
14. Click Pending Changes on the top right.
The Pending Changes dialog box appears.
15. Click Deploy Changes to commit the configuration.
https://cloud4wi.zendesk.com/hc/en-us/articles/7717854672653-Aruba-wireless-LAN-controller-Passpoint-configuration
42/47
12/20/22, 5:51 AM
Aruba wireless LAN controller - Passpoint configuration – Help Center
Configure a virtual access
point
You assign the configuration profiles you’ve defined to a virtual access point (AP).
Create the Virtual AP Profile
1. Select Configuration and then System from the menu on the left side of the
Aruba Dashboard.
2. Select the Profiles tab on the top right of the dashboard. A list of all profiles
appears.
3. Select Wireless LAN from the Profiles list.
https://cloud4wi.zendesk.com/hc/en-us/articles/7717854672653-Aruba-wireless-LAN-controller-Passpoint-configuration
43/47
12/20/22, 5:51 AM
Aruba wireless LAN controller - Passpoint configuration – Help Center
4. Under Wireless LAN, select Virtual AP. On the right side of the page, an area
appears where you’ll define the profile.
5. Click + next to Virtual AP: New Profile to add the profile. Text boxes appear.
6. Complete this information for the Virtual AP Profile.
Profile name—Enter an appropriate profile name, such as “Aruba Passpoint”.
Forward mode—Select bridge (the selection might be different depending on your
existing network settings).
7. Click Submit on the bottom right. This saves and loads the configuration.
8. Click Pending Changes on the top right.
https://cloud4wi.zendesk.com/hc/en-us/articles/7717854672653-Aruba-wireless-LAN-controller-Passpoint-configuration
44/47
12/20/22, 5:51 AM
Aruba wireless LAN controller - Passpoint configuration – Help Center
The Pending Changes dialog box appears.
9. Click Deploy Changes to commit the configuration.
The completed Virtual AP Profile should look similar to this image.
Assign all profiles to the Virtual AP Profile
https://cloud4wi.zendesk.com/hc/en-us/articles/7717854672653-Aruba-wireless-LAN-controller-Passpoint-configuration
45/47
12/20/22, 5:51 AM
Aruba wireless LAN controller - Passpoint configuration – Help Center
1. From the Aruba Dashboard, select Configuration > System > Profiles >
Wireless LAN > Virtual AP.
2. Select AAA under the Virtual AP you defined. The AAA Profile: C4W AAA Profile
information box appears.
3. Select the AAA Profile you defined.
4. Click Submit on the bottom right. This saves and loads the configuration.
5. Click Pending Changes on the top right. The Pending Changes dialog box
appears.
6. Click Deploy Changes to commit the configuration.
7. Repeat steps 1-6 to assign these profiles to the Virtual AP Profile. You have to
submit and deploy changes for each profile.
1. Hotspot 2.0
2. SSID
https://cloud4wi.zendesk.com/hc/en-us/articles/7717854672653-Aruba-wireless-LAN-controller-Passpoint-configuration
46/47
12/20/22, 5:51 AM
Aruba wireless LAN controller - Passpoint configuration – Help Center
Was this article helpful?
✓
Yes
✕
No
0 out of 0 found this helpful
Return to top ⬆
Related articles
Ubiquiti - Passpoint Configuration
Cisco WLC 8.5 - Passpoint configuration
Moments overview
Meraki - WPA2 Enterprise configuration
Cloud4Wi Product Update (7.20) - Splash
Comments
0 comments
Please sign in to leave a comment.
Articles in this section
▾
Help Center
https://cloud4wi.zendesk.com/hc/en-us/articles/7717854672653-Aruba-wireless-LAN-controller-Passpoint-configuration
47/47
Related documents
Posture Config On ISE For Aruba Wireless AP
Posture Config On ISE For Aruba Wireless AP
fifth generation
fifth generation
Grade 5 Term 2 Final R 1
Grade 5 Term 2 Final R 1
Immigration to Aruba
Immigration to Aruba
Flash Cards Computer Network
Flash Cards Computer Network
Download
advertisement