Security

last person joined: yesterday 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

Compatibility 802.1X and mac-filter to Clearpass radius server

This thread has been viewed 1 times

  • 1.  Compatibility 802.1X and mac-filter to Clearpass radius server

    Posted May 22, 2013 10:54 PM

    We have a requirements from our customer to used their existing SSID with 802.1x enable, they are using Cisco WLC 4400

    The requirements is that when the WLC and Clearpass is integrated, the client wireless device with 802.1x enable will connect to the WLAN and if 802.1x failed it will still allow the client to get an ip address if the MAC address is registered the the Clearpass.

     

    Is this possible? or is there a alternative way to allow the client if 802.1x fail? We need this for our monitoring mode to allow client if 802.1x will not work.

     



  • 2.  RE: Compatibility 802.1X and mac-filter to Clearpass radius server

    Posted May 22, 2013 11:27 PM

     

    You could add the mac address to the endpoint repository and in the service you are using you can add endpoint repository as an authorization source , you also need to create a mac auth enforcement policy which will check whether the mac address exist in the endpoint repository .