Security

Hello,

i would like to know how add an ip route in clearpass, because i configure 2 interface IP on my Clearpass

Mgmt and Data.

Mgmt is use for magament and check AD

Data is use for access to Guest Portal

When i configure an IP address on the DATA interface, i could not access on my internal Active Directory by the Mgmt interface.

On CLI,  i found this cmd but it doesn't work ... 

"add Add the network ip rule

Usage:

network ip add <mgmt|data|greN> [-i <id>] <[-s <SrcAddr>] [-d <DestAddr>]> [-g <ViaAddr>]
Where
greN -- Name of the gre tunnel where N corresponds to the gre
tunnel number ranging from 1,2,3...N
-i -- Optional parameter. Id of the network ip rule. If unspecified the
system will auto generate the Id
-s <SrcAddr> -- Optional parameter. The source interface ip address or netmask from
where the network ip rule is specified. The allowed values are -
valid IP Address or Netmask or '0/0'
-d <DestAddr> -- Optional parameter. The destination interface ip address or netamsk
where the network ip rule is specified. The allowed values are -
valid IP Address or Netmask or '0/0'
-g <ViaAddr> -- Optional parameter. The via or gateway ip address through which the
network traffic should flow. The allowed value is valid IP Address"

Could you to help me ?

Try this :

network ip add mgmt -d <Active Directory IP Address/Subnet Mask> -g <Gateway IP address>

it work now ! thanks victorfabian !

Hi,

I try this :

#network ip add data -d 192.168.2.1/24 -g 192.168.10.1

ERROR - Failed add route for destination=192.168.2.1/24 via=192.168.10.1

What could be the problem?

Thanks!

based upon a /24 your IP address and Gateway are in different subnets, but you have used a host address for the destinatation. I'm guessing this is the issue. Also, I guess that the data interface is in the 192.168.10.0 network.