Home > Community > Technology > Security > ClearPass,AppleTv and Mac-Caching -Issue

Security

Reply
Topic Options
EP
Occasional Contributor II
EP
Posts: 41
Registered: ‎05-05-2013

ClearPass,AppleTv and Mac-Caching -Issue
Options

‎07-07-2014 04:12 PM

Hello's, and excuse the lengthy email :smileyfrustrated:

I have an interesting scenario.

 

I have a controller SSID whose login page is ClearPass. Users authenticate to this splash page using their AD credentials. I also have Mac-Caching enabled which allows users sessions who have authenticated once to stay "alive" for the duration of the Mac-Caching settings.

 

We are also using ClearPass Guest and we allow our users to register their AppleTv devices and share them to their colleagues using their colleages AD credentials. Everything works initially; The controller can share the Apple tv to the correct usrs by using their AD user names which were provided when the device was registerd in ClearPass.  The issue it seems arises when Mac-caching kicks in.

 

From what I've been able to gather, when an AppleTv is first shared it is shared to the AD cred's and this info is published to the controller and managed by Airgroup. Once Mac Caching kicks in, the user is no longer known by the controller by his AD user name but by a mac-address. In Clearpass, the Atv is shared to AD user accounts, and on the controller AirGroup knows the ATv is shared to the AD user name and therefore once Mac-Caching kicks in the users lose access to the AppleTv. Has anyone else run into this? Any ideas?

Thanks much for your time,

Sky

Alert a Moderator
Message 1 of 5 (1,420 Views)
Reply
0 Kudos
Guru Elite Guru Elite
Guru Elite
cappalli
Posts: 8,756
Registered: ‎09-08-2010

Re: ClearPass,AppleTv and Mac-Caching -Issue

[ Edited ]
Options

‎07-07-2014 05:39 PM - edited ‎07-07-2014 05:43 PM

You need to return the username to the controller in your MAC-auth service.

 

radius-sponsor-name.PNG


Tim Cappalli | Aruba Security TME
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
Alert a Moderator
Message 2 of 5 (1,393 Views)
Reply
Aruba Aruba
Aruba
tarnold
Posts: 1,548
Registered: ‎06-12-2012

Re: ClearPass,AppleTv and Mac-Caching -Issue
Options

‎07-07-2014 08:43 PM

I thought I posted these a while back but I will post them again. All you need to do is import these into your enforcement profiles.  :)

 

Password: aruba123

 

Screen Shot 2014-07-07 at 10.39.47 PM.png

Thank You,
Troy

--Give Kudos: found something helpful, important, or cool? Click Kudos Star in a post.

--Problem Solved? Click "Accepted Solution" in a post.
Alert a Moderator
Message 3 of 5 (1,378 Views)
Reply
EP
Occasional Contributor II
EP
Posts: 41
Registered: ‎05-05-2013

Re: ClearPass,AppleTv and Mac-Caching -Issue
Options

‎07-08-2014 12:18 PM

Tim,

Thanks much for your quick response.

This worked.

thanks again,

Sky

Alert a Moderator
Message 4 of 5 (1,344 Views)
Reply
0 Kudos
EP
Occasional Contributor II
EP
Posts: 41
Registered: ‎05-05-2013

Re: ClearPass,AppleTv and Mac-Caching -Issue
Options

‎07-08-2014 12:18 PM

Troy,

Thanks for the uploads. They augmented the solution well.

thanks again,

Sky

Alert a Moderator
Message 5 of 5 (1,343 Views)
Reply
0 Kudos
Search Airheads
turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

© Copyright 2017 Hewlett Packard Enterprise Development LP
Powered by Lithium