Security

Reply
Moderator
Posts: 867
Registered: ‎07-29-2010

Profiling with Cisco WLC

Hi

 

I'm integrating a CPPM v6.0 and a Cisco WLC in one customer of ours and am having some trouble with the endpoint profiling.

 

I know we should relay DHCP traffic to the CPPM in order to profile endpoints. However, due to some limitations in our customer's network, we will probably have to rely exclusively on SNMP queries from CPPM to WLC. Is that even possible?

 

If so, I think I've configured it correctly (I've configured the device as Airespace) but I can't find any command to check if the SNMP/SSH query is reaching the controller and what information is being obtained from it. Do any of you guys know how to do this?

 

Thanks a lot

 

Regards

 

Samuel

 

 

Samuel Pérez
ACMP, ACCP, ACDX#100

---

If I answerd your question, please click on "Accept as Solution".
If you find this post useful, give me kudos for it ;)
Guru Elite
Posts: 20,016
Registered: ‎03-29-2007

Re: Profiling with Cisco WLC

Unfortunately, SNMP only works if devices are configured with an SNMP read string.

 

What kind of network is this, enterprise encrypted?

 

Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Validated Reference Design Guides : http://community.arubanetworks.com/t5/Validated-Reference-Design/tkb-p/Aruba-VRDs
Moderator
Posts: 867
Registered: ‎07-29-2010

Re: Profiling with Cisco WLC

I've done that, my CPPM is supposed to be checking ARP tables and so on from my controller. Unfortunately, dev profiling isn't yet working.

 

regards

Samuel Pérez
ACMP, ACCP, ACDX#100

---

If I answerd your question, please click on "Accept as Solution".
If you find this post useful, give me kudos for it ;)
Moderator
Posts: 867
Registered: ‎07-29-2010

Re: Profiling with Cisco WLC

I'm still having trouble with it :(

 

I've done the following:

 

  • SNMP read enabled towards Cisco WLC management IP address
  • DHCP relayed from Cisco WLC towards CPPM
  • Subnet scan configured for the WLAN-Employee subnet

Sadly, when I go to "Endpoint profiler", I still get "ClearPass Profile has not received any endpoint information"

 

Any idea?

 

Thanks

Samuel Pérez
ACMP, ACCP, ACDX#100

---

If I answerd your question, please click on "Accept as Solution".
If you find this post useful, give me kudos for it ;)
Moderator
Posts: 867
Registered: ‎07-29-2010

Re: Profiling with Cisco WLC

It's up and running :)

Samuel Pérez
ACMP, ACCP, ACDX#100

---

If I answerd your question, please click on "Accept as Solution".
If you find this post useful, give me kudos for it ;)
MVP
Posts: 1,392
Registered: ‎11-30-2011

Re: Profiling with Cisco WLC


samuel.perez wrote:

It's up and running :)


could you explain what you did to make it working? might be useful for other people in this situation.
MVP
Posts: 1,110
Registered: ‎10-11-2011

Re: Profiling with Cisco WLC

Curious as well to know what you did to get it working.
=======================================
If a reply adequately addresses your issue, please click on the "Accept as Solution" and "Give Kudos" button so this information can benefit other users.
Moderator
Posts: 867
Registered: ‎07-29-2010

Re: Profiling with Cisco WLC

Hum, sorry for the delay.

 

I didn't do anything special, just double checked my config and corrected some silly mistakes.

 

summarising:

  • dhcp relay sent to the CPPM
  • CPPM snmp-checking the controller

worked like magic :)

 

 

Samuel Pérez
ACMP, ACCP, ACDX#100

---

If I answerd your question, please click on "Accept as Solution".
If you find this post useful, give me kudos for it ;)
Aruba
Posts: 1,635
Registered: ‎04-13-2009

Re: Profiling with Cisco WLC

I know this post is dated, but i am having the same exact problem.  I enabled SNMP Read, DHCP forwarding to CPPM, and subnet scan; yet there is 0 entries discovered.  

 

When you got it to work, you said you double checked your settings; were there mistakes, or did it just start working?

 

thank you

------------------------------------------------
Systems Engineer, Northeast USA
ACCX | ACDX | ACMX

Guru Elite
Posts: 20,016
Registered: ‎03-29-2007

Re: Profiling with Cisco WLC

Clembo,

What is doing the forwarding, the WLC? Is that WLC also doing DHCP? If that is the case it will not forward.

If it is an external dhcp server, we need to make sure those packets can truly get to the CPPM.
Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Validated Reference Design Guides : http://community.arubanetworks.com/t5/Validated-Reference-Design/tkb-p/Aruba-VRDs
Search Airheads
Showing results for 
Search instead for 
Did you mean: