Aruba Networks ClearPass Integration Guide (RADIUS)
Introduction
Use this guide to enable Multi-Factor Authentication access via RADIUS to Aruba Networks ClearPass
Prerequisites
1. Have Aruba Networks ClearPass and access to the administration console / CLI
2. Configure the RADIUS Server on SecureAuth IdP
Aruba Networks ClearPass Configuration Steps
There are two (2) options to configure ClearPass: WebUI configuration or CLI configuration
Follow the preferred method's steps only
Option 1: WebUI Steps
1. In the Aruba Networks ClearPass WebUI Console, navigate to Configuration --> Security --> Authentication --> Servers
2. Select RADIUS Server to display the RADIUS Server List
3. Provide a Name for the new server, e.g. SecureAuth, and click Add
4. Select the name to configure the parameters, such as IP Address; and then check Mode to activate the server
5. Click Apply
6. Select Server Group to display the Server Group List
7. Provide a Name for the new server group, e.g. corp_rad, and click Add
8. Select the name to configure the parameters
9. Under Servers, select New to add a server to the group
10. Select the server (i.e. SecureAuth) from the dropdown menu and click Add Server
11. Click Apply
12. Navigate to Configuration --> Management --> Administration
13. Under Management Authentication Servers, select a management role, e.g. root, for the Default Role
14. Check Mode to activate
15. For the Server Group, select the newly created group, i.e. corp_rad
16. Click Apply
Option 2: CLI Steps
Add New RADIUS Server
aaa authentication-server radius SecureAuth host <ipaddr> enable
Add New Server Group
aaa server-group corp_rad auth-server SecureAuth
Define Role for Server Group
aaa authentication mgmt default-role root enable server-group corp_rad