Security

Reply
MVP
Posts: 2,866
Registered: ‎10-25-2011

Clearpass guest deployment with a dmz controller

Hello right now we got a captive portal with a dmz conroller

We got a vlan that just exist in the controllers

So we got multiple controllers with a vlan 999 a dmz controller also with that vlan 999.  We got tunnel GRE that connect all the controllers with the DMZ controller, and on the DMZ controller has the exit to internet.  We nat that vlan 999 through the ip of the dmz controller that has acccess to internet.

 

Now if we want to put a clearpass that willl be just used for Guest.  Where should we put this clearpass?

In the DMZ?  which would be the best practice?

 

Cheers

Carlos

----------------------------------------------------
Product Manager - Aruba Networks
Alternetworks Corp
Contributor I
Posts: 33
Registered: ‎01-16-2013

Re: Clearpass guest deployment with a dmz controller

[ Edited ]

It may depend on the specifics of the site, but I have my CPG server on an inside network, so things like ldap, backups, etc. of the CPPM/CPG all stay inside.  

Mike Davis
Network Engineer
University of Delaware
Search Airheads
Showing results for 
Search instead for 
Did you mean: