Security

Reply
Frequent Contributor I
Posts: 69
Registered: ‎05-06-2013

CPPM/VIA Authentication and Authorization Options

I'm setting up greenfield VIA VPN for our users, to replace aging Cisco ASA IPSEC and AnyConnect VPNs. Is there a way to profile the endpoint client when it connects to determine if it is a trusted corporate laptop or just a personal device belonging to a user? We have AirWatch integration but is there a way to get the MAC address info from the VIA client? For context I'm using EAP-PEAP with MSCHAPv2 authentication for VPN.

Guru Elite
Posts: 8,637
Registered: ‎09-08-2010

Re: CPPM/VIA Authentication and Authorization Options

VIA will send the MAC address in the request.

Tim Cappalli | Aruba Security TME
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
Frequent Contributor I
Posts: 69
Registered: ‎05-06-2013

Re: CPPM/VIA Authentication and Authorization Options

I'm not seeing the MAC of the client in the CPPM Event Viewer log entry. I'm seeing the MAC address of the port-channel interface on the controller as well as another MAC with an unknown OUI (12FF02230700). Other ideas?

Frequent Contributor I
Posts: 69
Registered: ‎05-06-2013

Re: CPPM/VIA Authentication and Authorization Options

Any more ideas folks?

Search Airheads
Showing results for 
Search instead for 
Did you mean: