Security

last person joined: 16 hours ago 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

Can I join Clearpass to multiple domains?

This thread has been viewed 17 times

  • 1.  Can I join Clearpass to multiple domains?

    Posted May 03, 2018 07:19 PM

    I have a Clearpass instance that I want to service two different domains. The Clearpass server is able to ping both AD servers. I am currently joined to one of them. Is it possible for me to join Clearpass to the other AD server as well so I can perform RADIUS authentications? 

     

    I am aware that you cannot join via IP address. But the DNS servers on the side that Clearpass is currently on/joined to is not able to query the other domain.

     

    I've tried adding the DNS server that the second domain is on as a "Tertiary DNS" but Clearpass is only querying the "Primary DNS".

     

    Any advice would help. Thanks!



  • 2.  RE: Can I join Clearpass to multiple domains?

    EMPLOYEE
    Posted May 03, 2018 07:30 PM
    The DNS server would require entries for any other domains you want to join.

    Note that domain join is only required for 802.1X with legacy EAP methods like PEAPv0/EAP-MSCHAPv2.