Security

last person joined: yesterday 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

Automatically change status to "known" if endpoint passes 802.1x

This thread has been viewed 11 times

  • 1.  Automatically change status to "known" if endpoint passes 802.1x

    Posted Aug 14, 2018 01:42 AM

    Hi,

     

    I am implementing CPPM and so far all good. I'd like to know if there is a way to change the status to Known automatically for clients that pass 802.1x.

     

    Example:

     

    - client connect to the network for the first time

    - client fails MAC address auth (client is unknown)

    - client immideately initiate 802.1x and passes criteria

    - [allow access profile] is applied and client gets an ip on the right vlan

     

    At this exact point I'd need something that gets the client MAC and change its status to KNOWN.

     

    I have read post authentication is the way, but i can't seem to find "post-auth" in the dropdown meneu under the [allow access profile] profile.

     

    thanks

     



  • 2.  RE: Automatically change status to "known" if endpoint passes 802.1x
    Best Answer

    EMPLOYEE
    Posted Aug 14, 2018 02:15 AM

    You can add the Profile "[Update Endpoint Known]" to the Policy, it could send several profiles as the following example:Screen Shot 2018-08-14 at 08.13.42.png

     

     

     



  • 3.  RE: Automatically change status to "known" if endpoint passes 802.1x

    Posted Aug 14, 2018 02:23 AM

    This is exactly what i was looking for!

     

    thanks heaps (Again!)