Security

last person joined: yesterday 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

VPN to Clearpass

This thread has been viewed 4 times

  • 1.  VPN to Clearpass

    Posted Feb 25, 2014 01:31 PM

    Hello!

     

    We currently have Palo Alto Firewalls (HA pair) and the rest of our infrastructure is Aruba. (Mobility switches, Airwave,Clearpass,7210 Controller)

     

    Is it possible to use the Palo Alto VPN and have it play nice with Clearpass to give users roles? Or would it be better to use VIA or another Aruba application/appliance to make this happen? 

     

    We would like our users to be able to connect back to our office while traveling when RAPs do not make much sense. This means we need to decide which type of VPN approach we want to take. I am sure Palo Alto has the ability to place users in respective VLANs but if I already have the logic setup in Clearpass I'm hoping not to have to do it again. 



  • 2.  RE: VPN to Clearpass

    EMPLOYEE
    Posted Feb 25, 2014 01:40 PM

    Of course Aruba's VIA will work for your remote users however, I think the question is really centered around Palo Alto.  

     

    So, yes, Clearpass will interoperate using RADIUS to any device.  However, the policy enforcement is really matched up to what the authenticator supports.  If PA support something specific like a VSA, then we can absolutely pass that back.



  • 3.  RE: VPN to Clearpass

    Posted Feb 25, 2014 04:51 PM

    Thanks. That will at least point me in the right direction!