Security

last person joined: yesterday 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

How to disable Guest Access to clearpass admin interface

This thread has been viewed 11 times

  • 1.  How to disable Guest Access to clearpass admin interface

    Posted Oct 24, 2014 05:57 AM

    I have a working setup with 7210 Controller and Clearpass. Everthing is working, but when you connect to the guest ssid and get redirected to the guest logon page, i can change the url from

    https://clearpass.***.**/guest/guest_logon.php to https://clearpass.***.**/  i got the policy manager welcome page, where guests are not supposted to go there.

     

    any suggestions? think it has to be something with source nat and Role/ACL

     

     


    #7210


  • 2.  RE: How to disable Guest Access to clearpass admin interface

    EMPLOYEE
    Posted Oct 24, 2014 06:39 AM

    Please use the Options under Administration> ClearPass Portal to fix this.  

     



  • 3.  RE: How to disable Guest Access to clearpass admin interface
    Best Answer

    EMPLOYEE
    Posted Oct 24, 2014 07:11 AM
    Also, under Server Configuration, you can configure application ACLs that can block access to certain modules by IP range.


  • 4.  RE: How to disable Guest Access to clearpass admin interface

    Posted May 31, 2018 12:17 PM

    How was this issue solved?  We have the same issue?

     

    Thanks



  • 5.  RE: How to disable Guest Access to clearpass admin interface

    Posted Jun 04, 2018 04:22 AM

    Hi,

    One way to do it is as Tim said. Log into Policy Manager. Go to Administration -> Server Manager -> Server Configuration. Click on the server. Now you choose the Network tab. Here you will find a Restrict Access button under Application control where you can deny (or allow) access to different Clearpass modules from specified IP address,subnets,etc. For instance you could deny access to Policy Manager from your guest subnet.