Security

Reply
Occasional Contributor II
Posts: 36
Registered: ‎04-14-2015

Is it possible to edit the ClearPass's host file?

Dear Community,

 

Our customer doesn't want to set dns-server IP in ClearPass, because they separate the CP's VM in their network and they won't let the CP access to the DNS-server. They would like to edit the host file instead. Is it possible?

Thank you for your answer in advance!

 

Occasional Contributor I
Posts: 9
Registered: ‎04-16-2012

Re: Is it possible to edit the ClearPass's host file?

I am pretty certain that all access to ClearPass OS system files requires A support case and I am not sure they would support manual edits to the hosts file. When we configure a ClearPass box for a guest network we will usually use DNS proxy (goes by many names depending on the FW manufacturer) to respond with the internal/DMZ addresses where needed and forward the rest out to a public DNS.
Guru Elite
Posts: 21,272
Registered: ‎03-29-2007

Re: Is it possible to edit the ClearPass's host file?


Zsomi wrote:

Dear Community,

 

Our customer doesn't want to set dns-server IP in ClearPass, because they separate the CP's VM in their network and they won't let the CP access to the DNS-server. They would like to edit the host file instead. Is it possible?

Thank you for your answer in advance!

 


The short answer is No.  CP should be on the side of the "firewall" that allows it to access DNS as well as domain controllers, because if you use 802.1x DNS will be used to discover domain controllers for authentication.  If your clearpass box cannot access DNS, please re-consider how you are designing your network.



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Occasional Contributor II
Posts: 36
Registered: ‎04-14-2015

Re: Is it possible to edit the ClearPass's host file?

Dear cjoseph,

 

Thank you for your reply. We also suggested to use DNS-server, but they wanted to know is it possible to edit the hostfile. Thank you again.

 

 

 

Search Airheads
Showing results for 
Search instead for 
Did you mean: