Security

last person joined: yesterday 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

Wired NAC DHCP Profiling

This thread has been viewed 1 times

  • 1.  Wired NAC DHCP Profiling

    Posted Feb 06, 2018 07:35 AM

    Hi,

     

    I am setting up a Wired NAC solution (MAC Auth and 802.1X, eventually) on HPE LAN (Comware as L3 switches) and want to profile client devices before enforcing services. Could someone help with these two questions:

     

    •  In order to enable DHCP-relay for VLANs I want to profile, are these commands sufficient, or is something additional required:
      dhcp enable
dhcp relay server-group ${GroupNumber} ip ${DHCPserverIPaddress}
int vlan ${VLAN} 
dhcp relay server-select ${GroupNumber} 
dhcp select relay
    • Should profiled devices start popping up in Monitoring->Profiler and Discovery->Endpoint Profiler on CPPM straight away, or only after DHCP lease is renewed

    Thanks in advance.

     

     

    Kind regards,

    NesaM



  • 2.  RE: Wired NAC DHCP Profiling
    Best Answer

    Posted Feb 07, 2018 12:52 AM

    Yes, it's enough. 

     

    We have on our network the same configuration. 

     

     



  • 3.  RE: Wired NAC DHCP Profiling

    Posted Feb 07, 2018 03:04 AM

    Thanks, appreciated.

     

    Regards,

    NesaM