Security

Reply
Contributor I
Posts: 29
Registered: ‎04-16-2014

IP addresses in RADIUS or HTTPS certificates? (CPPM)

Hi all,

 

It seems that a good practise is to have IP addresses of the data and management ports in the RADIUS and/or HTTPS certificate in ClearPass together with DNS names. What is the reasoning behind this? If DNS names of the interfaces are as CN and SAN on the certificate, what would be use case for the IP addresses?

This might be relevant topic for smaller deployments where a client does not want to pay any extra from SAN fields on a certificate.

Aruba
Posts: 1,542
Registered: ‎06-12-2012

Re: IP addresses in RADIUS or HTTPS certificates? (CPPM)

The only time you need to put the IP in the SAN field is if you are redirecting by IP instead of FQDN
Thank You,
Troy

--Give Kudos: found something helpful, important, or cool? Click Kudos Star in a post.

--Problem Solved? Click "Accepted Solution" in a post.
Search Airheads
Showing results for 
Search instead for 
Did you mean: