MFA for Aruba ClearPass
Aruba ClearPass is the NAC and policy engine behind a lot of enterprise wireless and wired access. It does rich authorization, but layering phishing-resistant MFA across its services is extra work. Authnull integrates as an external authentication/RADIUS source ClearPass can call, so you add a factor without re-architecting policy. You register Authnull as an authentication source, reference it in the relevant service, and a factor is enforced on the access methods you select.
Aruba ClearPass forwards the login; Authnull adds the factor.
ClearPass forwards authentication to Authnull as an external source; Authnull validates the identity, challenges for the factor, and returns the result, after which ClearPass applies its enforcement profile. Your existing services and roles stay intact.
Configure MFA for Aruba ClearPass
Real steps — the exact menus, fields, and values. Follow along in your console; the whole thing takes about 25 minutes.
Add Authnull as an authentication source
Register the Authnull connector as a RADIUS/external authentication source in ClearPass.
Reference it in the service
Add the source to the authentication methods/sources of the service that handles your Wi-Fi, wired, or VPN access.
Keep your enforcement policy
Leave the role mapping and enforcement profiles as they are — Authnull adds the factor before enforcement runs.
Test via Access Tracker
Authenticate from a covered client and watch the request flow through Authnull in Access Tracker.
Closes the MFA gap auditors look for
Enforcing MFA on Aruba ClearPass gives you evidence for the remote-access and privileged-access controls in SOC 2 and the access requirements under CCPA — with per-login logs you can hand straight to an assessor.
Add MFA to Aruba ClearPass — free to start.
Spin up Authnull, point Aruba ClearPass at it, and enforce a factor on a pilot group today. No card, no rip-and-replace.