Security

Reply
Super Contributor I

About WEBAUTH Service and OnGuard Agent

Hi experts,

 

Some days ago I was testing the OnGuard Application of ClearPass. I configured a WebAuth service to check the health of Windows computers when connected to corporate network 1. I installed the OnGuard Persistent Agent manually on the computer via http://<clearpass-ip>/agent/installer/windows/ClearPassOnGuardInstall.exe.

The Health Check worked properly. But now when I turn on the Windows computer I get a WEBAUTH service rejected in ClearPass, though the computer is connected to corporate network 2 (although there is still IP connectivity between ClearPass and the computer):

webauth1.PNG

webauth2.PNG

 

When connected to corporate network 1 the service works as expected:

webauth3.PNG

 

I don't want to use the OnGuard feature anymore, how can I get rid of the WEBAUTH service rejected? Is the only way removing the OnGuard Agent off the computer?

 

Regards,

Julián

Guru Elite

Re: About WEBAUTH Service and OnGuard Agent

Yes, you would need to remove OnGuard from the client.


Tim Cappalli | Aruba Security TME
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
Super Contributor I

Re: About WEBAUTH Service and OnGuard Agent

Hi Tim,

 

Just for curiosity, a couple of questions about this:

 

1. Then, what if I want to use the Health Check for computers only when connecting to corporate network 1? When some of then connect to corporate network 2 I will get the rejections on ClearPass.

 

2. How does the OnGuard Agent on the computer know the ClearPass IP address where to send the health check status?

 

Regards,

Julián

Guru Elite

Re: About WEBAUTH Service and OnGuard Agent

Block TCP 6658 on network number 2 so it can't communicate with ClearPass.

 

The IP/FQDN of ClearPass is part of the OnGuard installer.


Tim Cappalli | Aruba Security TME
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
Super Contributor I

Re: About WEBAUTH Service and OnGuard Agent

OK, thanks a lot!

 

Regards,

Julián

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: