Aruba Networks, Configuration Example, Switching
AOS – WireShark: remote capture
AOS switches have the option to monitor / copy traffic from port A to port B. You also have the option to send the monitor traffic to a remote switch or even to a remote host. When the remote host is running WireShark, the monitored traffic can be analysed on the remote host. First you … Read More
Aruba Networks, Configuration Example
Migrate RAP from AOS 6.x to AOS 8.x
I guess something that many HPE Aruba wireless engineers have to do these days is migrating the “old” AOS 6.x environment to the new AOS 8.x with Mobility Masters. I am not going to explain what the differences between both are and what a Mobility Master does, but I have a tip when you need … Read More
Aruba Networks, ClearPass, Configuration Example, Security, Switching
Downloadable User-Roles and NTP sync
The HPE Aruba switches have this cool feature called downloadable user-roles (DUR). DUR enables the switch to use a central ClearPass server to download user-roles to the switch for authenticated users. More and more customers want to implement wired authentication to strengthen the security level of their network. Via DUR the switches perform an HTTPS … Read More
MacOS X
I used MacOS X already in the past on an “old” MacBook and I have an iMac at home, but recently I am using a MacBook Pro for work. This blog is just a wrap up for “things” that I use often, but for some reason I always forget. Add Static route Add a static route via … Read More
ClearPass – REST API
Description: I created some Python scripts for ClearPass. The scripts can be found on Github. There are several directories: config: contains the parameters to authenticate against ClearPass and acquire an access token; general_scripts: some general configuration scripts, like a Password Generator script or Date/Time script; guests: scripts for adding or deleting guest accounts. I created a … Read More
FortiGate – OnDemand Token Timeout
Today’s customer is having a problem with OnDemand tokens on a FortiGate firewall. The FortiGate firewall uses RADIUS authentication for SSL VPN user authentication. FortiAuthenticator is used as RADIUS server. To strengthen the security levels, FortiAuthenticator is configured to demand two-factor authentication (2FA) for successful authentication. FortiAuthenticator has multiple options to demand 2FA from a … Read More