Security

last person joined: yesterday 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

CPPM/VIA Authentication and Authorization Options

This thread has been viewed 1 times

  • 1.  CPPM/VIA Authentication and Authorization Options

    Posted Feb 01, 2017 07:31 PM

    I'm setting up greenfield VIA VPN for our users, to replace aging Cisco ASA IPSEC and AnyConnect VPNs. Is there a way to profile the endpoint client when it connects to determine if it is a trusted corporate laptop or just a personal device belonging to a user? We have AirWatch integration but is there a way to get the MAC address info from the VIA client? For context I'm using EAP-PEAP with MSCHAPv2 authentication for VPN.



  • 2.  RE: CPPM/VIA Authentication and Authorization Options

    EMPLOYEE
    Posted Feb 01, 2017 07:36 PM
    VIA will send the MAC address in the request.


  • 3.  RE: CPPM/VIA Authentication and Authorization Options

    Posted Feb 01, 2017 07:46 PM

    I'm not seeing the MAC of the client in the CPPM Event Viewer log entry. I'm seeing the MAC address of the port-channel interface on the controller as well as another MAC with an unknown OUI (12FF02230700). Other ideas?



  • 4.  RE: CPPM/VIA Authentication and Authorization Options

    Posted Feb 06, 2017 11:16 AM

    Any more ideas folks?