ClearPass can be used as an accounting proxy to pass on accounting packets from your NAD devices to an external server such as a firewall. Purpose: ClearPass integration with Fortinet through RADIUS Accounting (RSSO) provides user data flow analysis from the user's perspective instead of by IP address or MAC address. Check out the [...]
The first step towards authenticating your wired, wireless and VPN clients on ClearPass is adding the respective switch or controller to ClearPass. Check out the video below on how to add them: https://www.youtube.com/watch?v=91rD8vsaDoc
Anybody with experience configuring Aruba Mobility Controllers will be aware of how powerful the built-in DPI (Deep Packet Inspection) capable stateful firewall is. In a wireless infrastructure, the access points are deployed in tunnel mode the majority of the time, which means all client traffic is tunneled from the AP to the controller via GRE encapsulation. [...]
There are multiple features we can use on ClearPass, each of which requires a license. These include Platform, Access, OnGuard and Onboard. ClearPass Platform Activation Key: The ClearPass Platform License is the base-level license and enables ClearPass on the appliance, including the Policy Manager and Guest user interface. You must have a ClearPass Platform license [...]
Introduction: Aruba MPSK was introduced in the AOS release 8.4.x. It is a feature that lets you use different PSKs for different devices. The traditional approach is well documented in the link below: https://community.arubanetworks.com/t5/Security/Setting-up-MPSK-for-headless-IoT-devices/td-p/522858 Need for per user MPSK: We at Airowire Networks had the privilege of working with a [...]
Why is it a bad idea to use port 389 for LDAP communication between ClearPass and your Active Directory?
What is LDAP: LDAP stands for Lightweight Directory Access Protocol. As the name suggests, it is a lightweight client-server protocol for accessing directory services, specifically X.500-based directory services. LDAP runs over TCP/IP or other connection-oriented transfer services. LDAP is defined in RFC 2251, "The Lightweight Directory Access Protocol (v3)". Connection between LDAP and ClearPass: On [...]
What is LDAPS (Lightweight Directory Access Protocol over Secure Sockets Layer): LDAPS is a distributed IP directory protocol like LDAP, but one that incorporates SSL for greater security. The default port for an LDAPS service provider URL is 636. Of the two ports used for LDAP, TCP/UDP 389 and TCP 636, the latter is always recommended [...]