09-13-2013 05:31 AM
another vendor is offering NAC Solution , They can enfornce NAC policies for remote connecting SSLVPN users becaue they can offer SSLVPN access on the same HW of NAC
I wanted to get equivalent from Aruba , it is ClearPass as NAC solution .... but since there is no remote SSLVPN access @ aruba i wanted to check how to enforce clearpass policies on remote connected usres wwhoc connected to Firewall through dynamic remote VPN ? Can i force them to pass through Conrtoller & let controller act as FW to apply Clearpass policies ? because as i understand the controller acts as FW for wireless users , not for wired coming from normal Cisco switches
09-13-2013 05:37 AM
Aruba offers VIA as a VPN option; IPsec with failback to HTTPS. With this you can terminate clients on the controllers and utilize your existing roles and policies. Otherwise, you can use ClearPass to authenticate the users of the other SSL solution. ClearPass can authenticate and authorize them; and depending on what SSL solution send back appropriate attributes for the solution to apply roles, etc. However you cannot use the controller's roles/policies in this case.
If you are open to sharing the other solution, we can try and help with more specific options.
Systems Engineer, Northeast USA
ACCX | ACDX | ACMX