Security

last person joined: yesterday 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

Clearpass rule for checking static Host list

This thread has been viewed 7 times

  • 1.  Clearpass rule for checking static Host list

    Posted Mar 03, 2017 04:45 AM

    Hi,

     

    I want to add a rule in Clearpass that authenticate the ssid against the Active Directory, so far so good.

    In enforement policy I want to check that this clients mac is inside a static host list, but I cannot found the list in the policy.

    Have anyone an idea?

    I want to authenticate the users agains AD and if the device mac is in Static mac table it got the allow access profile otherwise deny access...



  • 2.  RE: Clearpass rule for checking static Host list

    EMPLOYEE
    Posted Mar 03, 2017 05:10 AM

    Connection // Client-Mac-Address // BELONGS_TO_GROUP // --SHL-- name

     

    EDIT: Corrected typo above



  • 3.  RE: Clearpass rule for checking static Host list

    Posted Mar 03, 2017 08:04 AM

    does not work. This failure accours:

    Unbenannt.PNG



  • 4.  RE: Clearpass rule for checking static Host list
    Best Answer

    Posted Mar 03, 2017 09:07 AM

    I´ve found it.

    connection:Client-Mac-Address Belongs_to_Group SHT-Groupname