Security

Reply
Super Contributor II

Aruba Controller ArubaOS direct integration with PAN firewall

Hi All,

 

Just wondering if there is any planned direct integration between ArubaOS and PAN firewalls similar to what exists for the Instant APs? I.e. without ClearPass?

 

Scott

Guru Elite

Re: Aruba Controller ArubaOS direct integration with PAN firewall

There is a Palo featureset built into 6.4. Check out chapter 28 in the 6.4 User Guide.

 

palo-aaa-64.PNG

 

palo-6-4.PNG


Tim Cappalli | Aruba Security
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
Moderator

Re: Aruba Controller ArubaOS direct integration with PAN firewall

As pointed out by Tim [thanks]...we built integration with PANOS in AOS in 6.4. This is based upon the PAN-OS UserID XML-API similar to what we initially released in our first CPPM integration.

 

Note: CPPM has recently added additional integration over and above UserID to include HIP Objects.


Best Regards
-d

ClearPass Product Manager

-- Found something helpful, important, or cool? Click the Kudos Star in a post.
-- Problem Solved? Click "Accept as Solution" in a post.
Super Contributor II

Re: Aruba Controller ArubaOS direct integration with PAN firewall

thanks all for your replies. looks like i've got some new testing to do!

Occasional Contributor II

Re: Aruba Controller ArubaOS direct integration with PAN firewall

We configured ... but are still getting DOWN... any ideas?????

 

(Aruba-local) #show pan state
Palo Alto Networks Servers Connection State[PA5050demo]
-------------------------------------------------------
Firewall            State
--------            -----
###.##.###.###:443  DOWN[03/06/18 15:49:15]

Occasional Contributor II

Re: Aruba Controller ArubaOS direct integration with PAN firewall

Does the PA firwall need to have a trusted certificate for the controller?

Is that why PAN still shows in a DOWN state.

 

(Aruba-local) #show pan state
Palo Alto Networks Servers Connection State[PA5050demo]
Firewall            State
###.##.###.###:443  DOWN[03/06/18 15:49:15]

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: