Helpful tips

What is a RadSec certificate?

What is a RadSec certificate?

RadSec Server Certificate RADIUS-over-TLS (Transport Layer Security), or RadSec, employs a TLS tunnel to enable secure communication between the controller and a ClearPass server. Employing RADIUS communication over TLS increases the level of security for authentication.

What is ClearPass RadSec?

RADIUS over TLS, or RadSec, is an early access feature being introduced in ClearPass starting with the 6.7.4 release. RadSec is defined in RFC 6614. RadSec continues to maintain RADIUS functionality from earlier RFCs while tunneled over a secure TLS encrypted TCP session between the NAD and ClearPass.

How do I configure RadSec?

To configure RadSec, set up a 802.1X or MAC auth WLAN and select Enable under RadSec. Here, provide the Server Name, Server Addresses, and RADIUS Authentication Server. Navigate to Organization -> Settings to obtain the Mist Certificate and enter your RadSec Certificate to complete the setup.

What is RadSec Aruba?

An Industry-standard network access protocol for remote authentication. It allows authentication, authorization, and accounting of remote users who want to access network resources. communication over TLS.

Does Microsoft NPS support RadSec?

Yes, the NPS suppor the EAP-TLS authentication. You can following the following steps to create the wireless EAP-TLS or PEAP-TLS authencation. 1. Configure the certificate infrastructure.

What is RadSec proxy?

Answer. RadSec is a protocol that secures RADIUS communications over untrusted networks and is what Extreme APs use to authenticate PPSK users and RADIUS users stored in the cloud. RadSec proxy selection is automatic. Two APs are dynamically elected as RadSec proxies on every management subnet.

How do I renew my Clearpass RADIUS certificate?

In order to have this certificate installed correctly the following needs to be done:

  1. – Right click on the base64 file then select Open, go to certification tab and highlight your clearpass certificate.
  2. – Go to details tab and then select copy to File.
  3. – Click Next.

What is EAP TLS?

Extensible Authentication Protocol – Transport Layer Security (EAP-TLS) is an IETF open standard that’s defined in RFC 5216. More colloquially, EAP-TLS is the authentication protocol most commonly deployed on WPA2-Enterprise networks to enable the use of X. 509 digital certificates for authentication.

What port is RADIUS?

The RADIUS protocol uses UDP packets. There are two UDP ports used as the destination port for RADIUS authentication packets (ports 1645 and 1812). Note that port 1812 is in more common use than port 1645 for authentication packets.

What is RadSec proxy server aerohive?

RadSec is a protocol that provides a means to secure RADIUS communications over untrusted networks, and a RadSec proxy server is an AP that relays RADIUS communications from hive members in the same management subnet to HiveManager NG over RadSec on TCP port 2083.

How do I install a certificate on ClearPass?

To import your SSL file and the private key, perform the following;

  1. Log into your Aruba ClearPass CPPM console.
  2. Go to Administration > Certificate > Server Certificate.
  3. On the right, click Import Server Certificate.
  4. In the Import Server Certificate window, upload your SSL certificate and private key:
  5. Click Import.

Is ClearPass a radius server?

You have now defined the ClearPass server as a RADIUS server, and the RADIUS server is a member of a RADIUS server group. These tasks are required before you can use the ClearPass Policy Manager server as a RADIUS server in the network.