HPE Aruba – Aruba Central - Passpoint

  • Updated

Purpose

This article guides you through the creation and configuration of an Aruba Central network based on AOS-8 or AOS-10 to support the Cloud4Wi Passpoint solution.

 

Please note that the images contained in this article may contain outdated configuration data and visuals. Therefore, please make sure to use the value specified in the text description rather than those captured in the screenshots. 

 

Setup the SSID

  • Navigate to Devices under the Manage section of your group.
  • Click Config on the top right.

  • Go to the WLANs tab and click + Add SSID.

  • On step 1 General, provide a Name for the SSID and click Next

  • On step 2 VLANs, configure according to your network and click  Next

  • On step 3 Security 
    • Enterprise under Security Level
    • Choose WPA2-Enterprise under Key Management
    • Select the primary and secondary Radius server

  • Primary/Secondary Server: to set the RADIUS configuration you must click on the + next to the Primary/Secondary Server dropdown. The Create Server dialog appears.



    Create a Primary and Secondary Server, filling the Create Server dialog with the values indicated in the following table

     

    Primary Server

    Parameter Value
    IP Address/FQDN 52.48.102.108
    Auth Port 1812
    Acct Port 1813
    Secret <it will be communicated by Cloud4Wi>
    Accounting Enabled
    Radsec Disabled

     

    Secondary Server

    Parameter Value
    IP for Hostname 34.252.97.217
    Auth Port 1812
    Acct Port 1813
    Secret <it will be communicated by Cloud4Wi>
    Accounting Enabled
    Radsec Disabled

 

  • Expand the Advances settings area

  • Scroll until you find the Accounting section.
    • Select Use authentication servers on the Accounting dropdown
    • Enter 5 minutes on the Accounting Interval input

 

  • Find the  Passpoint Service Profile and click Manage Passpoint Services to create a new profile



  • Under Passpoint Service Profiles click + Add Profile


  • Give a Name to the Profile then click Access Network


  • In the Domain Name write the same configured in the Cloud4Wi dashboardEnable Internet
  • As Operator Friendly Name enter the same configured in the Cloud4Wi dashboard

  • Under NAI Realms click +Add


  • In Realm Name write the domain name configured in the Cloud4Wi dashboard
  • As EAP Method select eap-ttls
  • As Authentication param select ID: non-eap-inner-auth and Value: mschapv2


  • Click OK

 

OpenRoaming (if desired)

To also enable OpenRoaming

  • in the Roaming Consortium OI 1 write “5A03BA0000”.
  • in the Roaming Consortium OI 2 write "004096".

  • Click Save
Access TAB
  • Select Unrestricted under Access rules
  • Click Next
On the Summary click Finish

Related articles

Articles in this section

See more