Security

Hi Guys,

Since guests need https access to clearpass nothing is currently stopping them from removing the path from any url (keeping only https://domain.tld/) which gets them automatically redirected to the /tips admin logon prompt.

Is there any way to limit who may access that /tips path whether by blocking access altogether or simply ignoring authentication requests?

I found in "Monitoring - Eventviewer" that those CPPM sees the client ip address the user has when logging on so I figured I'd change the  "Copy_of_[Policy Manager Admin Network Login Service]" to have its service include a  "Connection - Client-IP-Address" with a simple "equals - ip address" (for testing), but this still allows any and all ip addresses to logon.

So simple ... :smileyembarrassed:

Thank you.

And to make sure nobody else misses the attached image from your post:

I had made a feature request for this a few months back

https://community.arubanetworks.com/t5/Technology/CPPM-limit-access-of-tips-to-Management-IP-only/idi-p/70840

This is great I didn't realize it had been implemented!

Thanks Aruba and @koenv

Thank you

Dusan