Security


Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).

ClearPass with more than one network

  • 1.  ClearPass with more than one network

    Posted Jun 16, 2015 01:26 PM

    Hi Guys, 

     

    I have two separated management networks that are not routed, and I need to use ClearPass to manage each one from the same server. Is it possible to use two NICs in the same ClearPass server to manage these networks?

    If so, do I need to create two services, one for each network?

     

    Thank you.

     

    Leandro Menezes



  • 2.  RE: ClearPass with more than one network

    EMPLOYEE
    Posted Jun 16, 2015 01:30 PM
    No, this is not possible.



    You can create GRE and IPSec tunnels from other network equipment to
    ClearPass. You can also explore the use of VRFs on your network gear.


  • 3.  RE: ClearPass with more than one network
    Best Answer

    EMPLOYEE
    Posted Jun 16, 2015 01:46 PM

    You can use the VLAN option on the MGMT interface. Keep in mind that ESXi does not have the notion of dual-mode or tagged and untagged on the same virtual port. Also, you will need to create routes if the networks are L3 networks. Not sure how far the functionality goes because I have not tried it yet. But I did have a partner that was using the VLAN tagging option for multiple networks on the MGMT interface.

     




  • 4.  RE: ClearPass with more than one network

    Posted Jun 21, 2015 05:20 AM

    Am I not understanding the question right, or can't you use the data port for the one network and the mgmt port for the other network? There even is the services routing technote about this. Sure, it isn't advised, but it is possible.

     

    You don't need different services, but you can have them. Just check on something like the NAS IP to differentiate between the two networks.