04-22-2015 10:40 AM
How to uset Static Host list as Authentication server and if it is no possible ,how to use Clearpass as Authentication server for specific service?
04-22-2015 10:43 AM
04-22-2015 11:19 AM
09-13-2016 10:17 PM
Can I build an Enforcement Policy rule logic (where I just enforce the [Allow Access Profile] as an action) on an 802.1x service, where I want,
Condition 1: User exists in AD (that part is basic enough)
Condition 2: Endpoint identifier sits in Static-Host-List (which i've already setup as an Authentication Source.. but with the host-list defined as an 'Authentication Source'.. I can't go into 'General' tab and tick the checkbox for 'Use for Authorization'... it is greyed out.. implying it's not eligible to be used as an Authorization Source... any reason why ?)
With the lack of the Authentication Source of the Static-Host-List setup for Authorization also ... it means when I'm building my enforcement policy I can't auto-resolve the Static-Host-List as an 'Authorization Source'.. only the Microsoft AD one is showing..
So.. I just want a logic AND, where user is in AD as well as endpoint identifier they are passing is in Static-Host-List.
Unless... I just do it like this ?
But then, I need a separate service as it's 'MAC Auth' as a service that will trigger it.
09-15-2016 01:00 PM
To use it as an authN source..... after you've created the static list.... go create a new auth-source type=static host list and on the second tab select your newly created static-host-list....
Snr Tech Marketing Engineer - ClearPass
-- Found something helpful, important, or cool? Click the Kudos Star in a post.
-- Problem Solved? Click "Accept as Solution" in a post.