Security

last person joined: yesterday 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

Clearpass guest with IAP

This thread has been viewed 1 times

  • 1.  Clearpass guest with IAP

    Posted Mar 14, 2013 07:19 AM

    Hi 

     

    We have a clearpass server at our datacenter and we want to deoploy the guest part of clearpass to a cstomer running IAPs.

    So in this case, is the customer able to manage the clearpass server for revoking access, grant access, create own forms for self-registration?

    When a guest at the customers office registers, is the traffic sent to the clearpass server through tcp port 443 or does i requiere a VPN tunnel from the customer to our datacenter?

     

    thanks



  • 2.  RE: Clearpass guest with IAP

    Posted Mar 14, 2013 07:31 AM

    Hello Csoto

     

    There are a few posts on this under Instant and ClearPass boards.

     

    Firstly. Is the ClearPass owned by customer? As in in - it's not used by anyone else like a multi-customer hosted solution.

    If it's customer only then as long as the customer has http/https connection to the CP server he will be able to do administration.

    If it's multi-customer then no - you cant differentiate enough access to adjust just their own portals.

     

     

    Second.

    The client is redirected to the clearpass webserver (port 80 or 443) so the client needs a route to the server. Likewise the CP server needs a route back to the client network. At the same time - the IAP needs radius connectivity to the CP server.