Security

Reply
MVP
Posts: 3,009
Registered: ‎10-25-2011

Data port and managemnet port Clearpass

Hello

When you got a Clearpass in which we will use both ports.

If i got firewalls what ports do i need to open to it like this?

 

From clearpass  management ip to internet

http://clearpass.arubanetworks.com  port 80 and 443 to this website

 

From clearpass managment ip to the email relay

Mail - generally TCP 25 or 465.

 

 

From the controllers in general to  the data port ip

 

ClearPass Policy Manager/Guest Port Service

3799 For RFC 3576 to work.

1812 RADIUS1813

RADIUS Accounting Server

80 HTTP

443 HTTPS

 

From the guest user vlan to clearpass

port 80

port 443

 

I am correct? im missing something?

 

Both ports(managment and data port  are behind firewalls.  So i need to be clear this part.

Also we are just using clearpass guest.

 

Cheers

Carlos

----------------------------------------------------
Product Manager - Aruba Networks
Alternetworks Corp
MVP
Posts: 992
Registered: ‎04-13-2009

Re: Data port and managemnet port Clearpass

[ Edited ]

Hi Carlos,

 

That looks like a good start. There are quite a few more port mentioned on the following post relating to NTP, database sync between CPPMs etc..

 

https://community.arubanetworks.com/t5/AAA-NAC-Guest-Access-BYOD/What-are-the-ports-that-need-to-be-opened-on-the-network/ta-p/175872

 

Cheers

James

Cheers
James

-------------------------------------------------------
-------------------@whereisjrw-------------------
------------------------blog-------------------------
ACCX #540 | ACMX #353 | ACDX #216
-----------Mobility First Expert #11----------
-------------------------------------------------------

If a reply adequately addresses your issue, please click on the "Accept as Solution" and "Give Kudos" button so this information can benefit other users via search.
MVP
Posts: 3,009
Registered: ‎10-25-2011

Re: Data port and managemnet port Clearpass

I mised the NTP port thanks

That NTP would be a port i need to open to the administration port of the clerapass right?

 

We do not have a cluster of clearpass so i dont think i would need database sync between cppms

 

So in my post the ports are correct? i mean all those ports i mention i should open them but for the data port?

 

Cheers

Carlos

----------------------------------------------------
Product Manager - Aruba Networks
Alternetworks Corp
MVP
Posts: 992
Registered: ‎04-13-2009

Re: Data port and managemnet port Clearpass

Looks good. 

 

You'd also need DNS. :)

Cheers
James

-------------------------------------------------------
-------------------@whereisjrw-------------------
------------------------blog-------------------------
ACCX #540 | ACMX #353 | ACDX #216
-----------Mobility First Expert #11----------
-------------------------------------------------------

If a reply adequately addresses your issue, please click on the "Accept as Solution" and "Give Kudos" button so this information can benefit other users via search.
Search Airheads
Showing results for 
Search instead for 
Did you mean: