MacOS Big Sur and SSLKEYFILELOG
Today I had to decrypt SSL/TLS traffic from my browser. There are a lot of resources available to explain the steps necessary to capture traffic and decrypt the traffic, like How to Decrypt SSL with Wireshark – HTTPS Decryption Guide. However, I noticed that my ssl-keys.log file wasn’t populated when starting Chrome or Firefox. The … Read More
ClearPass, Management, Security
ClearPass, Azure AD, SSO and Object ID
Single sign-on is nothing new and I am not going to tell you how to configure ClearPass to use SAML SSO with Azure AD. There is a lot of documentation available, like: Flomian Networking – ClearPass SSO with Azure AD; ClearPass Onboard Cloud Identity Providers. This post is about an issue I was facing with … Read More
Aruba Networks, ClearPass, Configuration Example, Security
ClearPass – custom MPSK
Multiple PreShared Key (MPSK) is the ideal replacement for the old-fashioned static PSK environments. MPSK provides the flexibility and scalability which traditional PSK networks are lacking. MPSK provides a per-device pre-shared key. Aruba ClearPass is the authentication server to verify the pre-shared key entered on a device. To create a pre-shared … Read More
Getting your AOS-CX switch in Central
Everybody is talking about Cloud Management and since Aruba Central is upgraded to 2.5.2, there is the ability to manage your AOS-CX switch in Central via Template Groups. To get this done, it is necessary to get your switch connected to Central and this isn’t always a matter of booting the switch, configure IP address, … Read More
Configuration Example, Management
phpIPAM – Azure and SAML authentication
What is easier than using your Azure credentials to log in to your web applications like phpIPAM? My daily job is networking, like routing, switching, wireless, and Wi-Fi, so I had to puzzle when I had to configure SAML2 authentication between phpIPAM and our company Azure infrastructure. I couldn’t find a lot of information about … Read More
User tunnel not operational
HPE Aruba switches have the concept of user-based tunnelling. In short, the wired connections behave like a wireless connection. All traffic from the wired client is tunnelled to the central controller. This provides functions like central firewalling and micro-segmentation by blocking inter-user traffic. Yesterday I had a customer complaining that multiple clients weren’t able to … Read More