Security

Hi everybody,

i am not able to enable endpoint profiling in my CPPM. I have created a MAC-based authentication service with the following enforcement:


On my switch (HP 2530-8G-PoEP Switch (J9774A)) I´ve added the CPPM as IP helper on all VLANs. The device is redirected to VLAN401, but not profiled.

Any recommandations?

Kind regards,
Matthias


------------------------------
Matthias Pohl
------------------------------

Hi,

Do you have look if the CPPM receive the DHCP packet ?

Why use IP Helper on the 2530 ? i think it is not the default gateway of the vlan ?

------------------------------
PowerArubaSW : Powershell Module to use Aruba Switch API for Vlan, VlanPorts, LACP, LLDP...

PowerArubaCP: Powershell Module to use ClearPass API (create NAD, Guest...)

PowerArubaCX: Powershell Module to use ArubaCX API (get interface/vlan/ports info)..

ACEP / ACMX #107 / ACDX #1281
------------------------------

Original Message:
Sent: Mar 16, 2021 07:12 AM
From: Matthias Pohl
Subject: ClearPass Endpoint Profiling not working

Hi everybody,

i am not able to enable endpoint profiling in my CPPM. I have created a MAC-based authentication service with the following enforcement:


On my switch (HP 2530-8G-PoEP Switch (J9774A)) I´ve added the CPPM as IP helper on all VLANs. The device is redirected to VLAN401, but not profiled.

Any recommandations?

Kind regards,
Matthias


------------------------------
Matthias Pohl
------------------------------

How can I check if the CPPM receive the DHCP packet?

That was my understanding, to add the IP Helper on the 2530, so that the DHCP packet also get´s redirected to the CPPM, to be able to perform the profiling

------------------------------
Matthias Pohl
------------------------------

Original Message:
Sent: Mar 16, 2021 09:45 AM
From: Alexis La Goutte
Subject: ClearPass Endpoint Profiling not working

Hi,

Do you have look if the CPPM receive the DHCP packet ?

Why use IP Helper on the 2530 ? i think it is not the default gateway of the vlan ?

------------------------------
PowerArubaSW : Powershell Module to use Aruba Switch API for Vlan, VlanPorts, LACP, LLDP...

PowerArubaCP: Powershell Module to use ClearPass API (create NAD, Guest...)

PowerArubaCX: Powershell Module to use ArubaCX API (get interface/vlan/ports info)..

ACEP / ACMX #107 / ACDX #1281

Original Message:
Sent: Mar 16, 2021 07:12 AM
From: Matthias Pohl
Subject: ClearPass Endpoint Profiling not working

Hi everybody,

i am not able to enable endpoint profiling in my CPPM. I have created a MAC-based authentication service with the following enforcement:


On my switch (HP 2530-8G-PoEP Switch (J9774A)) I´ve added the CPPM as IP helper on all VLANs. The device is redirected to VLAN401, but not profiled.

Any recommandations?

Kind regards,
Matthias


------------------------------
Matthias Pohl
------------------------------

the 2530 have IP Address on each vlan ?

You can make a packet capture on CPPM

------------------------------
PowerArubaSW : Powershell Module to use Aruba Switch API for Vlan, VlanPorts, LACP, LLDP...

PowerArubaCP: Powershell Module to use ClearPass API (create NAD, Guest...)

PowerArubaCX: Powershell Module to use ArubaCX API (get interface/vlan/ports info)..

ACEP / ACMX #107 / ACDX #1281
------------------------------

Original Message:
Sent: Mar 16, 2021 10:11 AM
From: Matthias Pohl
Subject: ClearPass Endpoint Profiling not working

How can I check if the CPPM receive the DHCP packet?

That was my understanding, to add the IP Helper on the 2530, so that the DHCP packet also get´s redirected to the CPPM, to be able to perform the profiling

------------------------------
Matthias Pohl

Original Message:
Sent: Mar 16, 2021 09:45 AM
From: Alexis La Goutte
Subject: ClearPass Endpoint Profiling not working

Hi,

Do you have look if the CPPM receive the DHCP packet ?

Why use IP Helper on the 2530 ? i think it is not the default gateway of the vlan ?

------------------------------
PowerArubaSW : Powershell Module to use Aruba Switch API for Vlan, VlanPorts, LACP, LLDP...

PowerArubaCP: Powershell Module to use ClearPass API (create NAD, Guest...)

PowerArubaCX: Powershell Module to use ArubaCX API (get interface/vlan/ports info)..

ACEP / ACMX #107 / ACDX #1281

Original Message:
Sent: Mar 16, 2021 07:12 AM
From: Matthias Pohl
Subject: ClearPass Endpoint Profiling not working

Hi everybody,

i am not able to enable endpoint profiling in my CPPM. I have created a MAC-based authentication service with the following enforcement:


On my switch (HP 2530-8G-PoEP Switch (J9774A)) I´ve added the CPPM as IP helper on all VLANs. The device is redirected to VLAN401, but not profiled.

Any recommandations?

Kind regards,
Matthias


------------------------------
Matthias Pohl
------------------------------

Hm, I´m not an expert, but to me it looks like, if CPPM doesn´t receive the DHCP packet

------------------------------
Matthias Pohl
------------------------------

Original Message:
Sent: Mar 16, 2021 10:14 AM
From: Alexis La Goutte
Subject: ClearPass Endpoint Profiling not working

the 2530 have IP Address on each vlan ?

You can make a packet capture on CPPM

------------------------------
PowerArubaSW : Powershell Module to use Aruba Switch API for Vlan, VlanPorts, LACP, LLDP...

PowerArubaCP: Powershell Module to use ClearPass API (create NAD, Guest...)

PowerArubaCX: Powershell Module to use ArubaCX API (get interface/vlan/ports info)..

ACEP / ACMX #107 / ACDX #1281

Original Message:
Sent: Mar 16, 2021 10:11 AM
From: Matthias Pohl
Subject: ClearPass Endpoint Profiling not working

How can I check if the CPPM receive the DHCP packet?

That was my understanding, to add the IP Helper on the 2530, so that the DHCP packet also get´s redirected to the CPPM, to be able to perform the profiling

------------------------------
Matthias Pohl

Original Message:
Sent: Mar 16, 2021 09:45 AM
From: Alexis La Goutte
Subject: ClearPass Endpoint Profiling not working

Hi,

Do you have look if the CPPM receive the DHCP packet ?

Why use IP Helper on the 2530 ? i think it is not the default gateway of the vlan ?

------------------------------
PowerArubaSW : Powershell Module to use Aruba Switch API for Vlan, VlanPorts, LACP, LLDP...

PowerArubaCP: Powershell Module to use ClearPass API (create NAD, Guest...)

PowerArubaCX: Powershell Module to use ArubaCX API (get interface/vlan/ports info)..

ACEP / ACMX #107 / ACDX #1281

Original Message:
Sent: Mar 16, 2021 07:12 AM
From: Matthias Pohl
Subject: ClearPass Endpoint Profiling not working

Hi everybody,

i am not able to enable endpoint profiling in my CPPM. I have created a MAC-based authentication service with the following enforcement:


On my switch (HP 2530-8G-PoEP Switch (J9774A)) I´ve added the CPPM as IP helper on all VLANs. The device is redirected to VLAN401, but not profiled.

Any recommandations?

Kind regards,
Matthias


------------------------------
Matthias Pohl
------------------------------

You need to found why...

the switch can reach the CPPM ?

------------------------------
PowerArubaSW : Powershell Module to use Aruba Switch API for Vlan, VlanPorts, LACP, LLDP...

PowerArubaCP: Powershell Module to use ClearPass API (create NAD, Guest...)

PowerArubaCX: Powershell Module to use ArubaCX API (get interface/vlan/ports info)..

ACEP / ACMX #107 / ACDX #1281
------------------------------

Original Message:
Sent: Mar 16, 2021 11:19 AM
From: Matthias Pohl
Subject: ClearPass Endpoint Profiling not working

Hm, I´m not an expert, but to me it looks like, if CPPM doesn´t receive the DHCP packet

------------------------------
Matthias Pohl

Original Message:
Sent: Mar 16, 2021 10:14 AM
From: Alexis La Goutte
Subject: ClearPass Endpoint Profiling not working

the 2530 have IP Address on each vlan ?

You can make a packet capture on CPPM

------------------------------
PowerArubaSW : Powershell Module to use Aruba Switch API for Vlan, VlanPorts, LACP, LLDP...

PowerArubaCP: Powershell Module to use ClearPass API (create NAD, Guest...)

PowerArubaCX: Powershell Module to use ArubaCX API (get interface/vlan/ports info)..

ACEP / ACMX #107 / ACDX #1281

Original Message:
Sent: Mar 16, 2021 10:11 AM
From: Matthias Pohl
Subject: ClearPass Endpoint Profiling not working

How can I check if the CPPM receive the DHCP packet?

That was my understanding, to add the IP Helper on the 2530, so that the DHCP packet also get´s redirected to the CPPM, to be able to perform the profiling

------------------------------
Matthias Pohl

Original Message:
Sent: Mar 16, 2021 09:45 AM
From: Alexis La Goutte
Subject: ClearPass Endpoint Profiling not working

Hi,

Do you have look if the CPPM receive the DHCP packet ?

Why use IP Helper on the 2530 ? i think it is not the default gateway of the vlan ?

------------------------------
PowerArubaSW : Powershell Module to use Aruba Switch API for Vlan, VlanPorts, LACP, LLDP...

PowerArubaCP: Powershell Module to use ClearPass API (create NAD, Guest...)

PowerArubaCX: Powershell Module to use ArubaCX API (get interface/vlan/ports info)..

ACEP / ACMX #107 / ACDX #1281

Original Message:
Sent: Mar 16, 2021 07:12 AM
From: Matthias Pohl
Subject: ClearPass Endpoint Profiling not working

Hi everybody,

i am not able to enable endpoint profiling in my CPPM. I have created a MAC-based authentication service with the following enforcement:


On my switch (HP 2530-8G-PoEP Switch (J9774A)) I´ve added the CPPM as IP helper on all VLANs. The device is redirected to VLAN401, but not profiled.

Any recommandations?

Kind regards,
Matthias


------------------------------
Matthias Pohl
------------------------------

Yes, the switch can reach the CPPM.
In the access tracker I can see, that the right service is picked. The device is assigned into the right VLAN and gets an IP address assigned. This is working fine. But, the device is not profiled.

------------------------------
Matthias Pohl
------------------------------

Original Message:
Sent: Mar 16, 2021 03:59 PM
From: Alexis La Goutte
Subject: ClearPass Endpoint Profiling not working

You need to found why...

the switch can reach the CPPM ?

------------------------------
PowerArubaSW : Powershell Module to use Aruba Switch API for Vlan, VlanPorts, LACP, LLDP...

PowerArubaCP: Powershell Module to use ClearPass API (create NAD, Guest...)

PowerArubaCX: Powershell Module to use ArubaCX API (get interface/vlan/ports info)..

ACEP / ACMX #107 / ACDX #1281

Original Message:
Sent: Mar 16, 2021 11:19 AM
From: Matthias Pohl
Subject: ClearPass Endpoint Profiling not working

Hm, I´m not an expert, but to me it looks like, if CPPM doesn´t receive the DHCP packet

------------------------------
Matthias Pohl

Original Message:
Sent: Mar 16, 2021 10:14 AM
From: Alexis La Goutte
Subject: ClearPass Endpoint Profiling not working

the 2530 have IP Address on each vlan ?

You can make a packet capture on CPPM

------------------------------
PowerArubaSW : Powershell Module to use Aruba Switch API for Vlan, VlanPorts, LACP, LLDP...

PowerArubaCP: Powershell Module to use ClearPass API (create NAD, Guest...)

PowerArubaCX: Powershell Module to use ArubaCX API (get interface/vlan/ports info)..

ACEP / ACMX #107 / ACDX #1281

Original Message:
Sent: Mar 16, 2021 10:11 AM
From: Matthias Pohl
Subject: ClearPass Endpoint Profiling not working

How can I check if the CPPM receive the DHCP packet?

That was my understanding, to add the IP Helper on the 2530, so that the DHCP packet also get´s redirected to the CPPM, to be able to perform the profiling

------------------------------
Matthias Pohl

Original Message:
Sent: Mar 16, 2021 09:45 AM
From: Alexis La Goutte
Subject: ClearPass Endpoint Profiling not working

Hi,

Do you have look if the CPPM receive the DHCP packet ?

Why use IP Helper on the 2530 ? i think it is not the default gateway of the vlan ?

------------------------------
PowerArubaSW : Powershell Module to use Aruba Switch API for Vlan, VlanPorts, LACP, LLDP...

PowerArubaCP: Powershell Module to use ClearPass API (create NAD, Guest...)

PowerArubaCX: Powershell Module to use ArubaCX API (get interface/vlan/ports info)..

ACEP / ACMX #107 / ACDX #1281

Original Message:
Sent: Mar 16, 2021 07:12 AM
From: Matthias Pohl
Subject: ClearPass Endpoint Profiling not working

Hi everybody,

i am not able to enable endpoint profiling in my CPPM. I have created a MAC-based authentication service with the following enforcement:


On my switch (HP 2530-8G-PoEP Switch (J9774A)) I´ve added the CPPM as IP helper on all VLANs. The device is redirected to VLAN401, but not profiled.

Any recommandations?

Kind regards,
Matthias


------------------------------
Matthias Pohl
------------------------------

What the gateway of this vlan ? do you have look to use DHCP relay on this vlan ?
how to the device get the IP Address ?

------------------------------
PowerArubaSW : Powershell Module to use Aruba Switch API for Vlan, VlanPorts, LACP, LLDP...

PowerArubaCP: Powershell Module to use ClearPass API (create NAD, Guest...)

PowerArubaCX: Powershell Module to use ArubaCX API (get interface/vlan/ports info)..

ACEP / ACMX #107 / ACDX #1281
------------------------------

Original Message:
Sent: Mar 17, 2021 03:18 AM
From: Matthias Pohl
Subject: ClearPass Endpoint Profiling not working

Yes, the switch can reach the CPPM.
In the access tracker I can see, that the right service is picked. The device is assigned into the right VLAN and gets an IP address assigned. This is working fine. But, the device is not profiled.

------------------------------
Matthias Pohl

Original Message:
Sent: Mar 16, 2021 03:59 PM
From: Alexis La Goutte
Subject: ClearPass Endpoint Profiling not working

You need to found why...

the switch can reach the CPPM ?

------------------------------
PowerArubaSW : Powershell Module to use Aruba Switch API for Vlan, VlanPorts, LACP, LLDP...

PowerArubaCP: Powershell Module to use ClearPass API (create NAD, Guest...)

PowerArubaCX: Powershell Module to use ArubaCX API (get interface/vlan/ports info)..

ACEP / ACMX #107 / ACDX #1281

Original Message:
Sent: Mar 16, 2021 11:19 AM
From: Matthias Pohl
Subject: ClearPass Endpoint Profiling not working

Hm, I´m not an expert, but to me it looks like, if CPPM doesn´t receive the DHCP packet

------------------------------
Matthias Pohl

Original Message:
Sent: Mar 16, 2021 10:14 AM
From: Alexis La Goutte
Subject: ClearPass Endpoint Profiling not working

the 2530 have IP Address on each vlan ?

You can make a packet capture on CPPM

------------------------------
PowerArubaSW : Powershell Module to use Aruba Switch API for Vlan, VlanPorts, LACP, LLDP...

PowerArubaCP: Powershell Module to use ClearPass API (create NAD, Guest...)

PowerArubaCX: Powershell Module to use ArubaCX API (get interface/vlan/ports info)..

ACEP / ACMX #107 / ACDX #1281

Original Message:
Sent: Mar 16, 2021 10:11 AM
From: Matthias Pohl
Subject: ClearPass Endpoint Profiling not working

How can I check if the CPPM receive the DHCP packet?

That was my understanding, to add the IP Helper on the 2530, so that the DHCP packet also get´s redirected to the CPPM, to be able to perform the profiling

------------------------------
Matthias Pohl

Original Message:
Sent: Mar 16, 2021 09:45 AM
From: Alexis La Goutte
Subject: ClearPass Endpoint Profiling not working

Hi,

Do you have look if the CPPM receive the DHCP packet ?

Why use IP Helper on the 2530 ? i think it is not the default gateway of the vlan ?

------------------------------
PowerArubaSW : Powershell Module to use Aruba Switch API for Vlan, VlanPorts, LACP, LLDP...

PowerArubaCP: Powershell Module to use ClearPass API (create NAD, Guest...)

PowerArubaCX: Powershell Module to use ArubaCX API (get interface/vlan/ports info)..

ACEP / ACMX #107 / ACDX #1281

Original Message:
Sent: Mar 16, 2021 07:12 AM
From: Matthias Pohl
Subject: ClearPass Endpoint Profiling not working

Hi everybody,

i am not able to enable endpoint profiling in my CPPM. I have created a MAC-based authentication service with the following enforcement:


On my switch (HP 2530-8G-PoEP Switch (J9774A)) I´ve added the CPPM as IP helper on all VLANs. The device is redirected to VLAN401, but not profiled.

Any recommandations?

Kind regards,
Matthias


------------------------------
Matthias Pohl
------------------------------

Hi, sorry for the late response.
This is our test environement:

If the device is not profiled it comes into the VLAN401. 
In VLAN401 i´ve configured the CPPM as IPHelper. The DHCP server is configured on the firewall.
GW is 10.20.252.1

I´ll check with our firewall guy, if our routing is configured correctly.

------------------------------
Matthias Pohl
------------------------------

Original Message:
Sent: Mar 17, 2021 04:14 PM
From: Alexis La Goutte
Subject: ClearPass Endpoint Profiling not working

What the gateway of this vlan ? do you have look to use DHCP relay on this vlan ?
how to the device get the IP Address ?

------------------------------
PowerArubaSW : Powershell Module to use Aruba Switch API for Vlan, VlanPorts, LACP, LLDP...

PowerArubaCP: Powershell Module to use ClearPass API (create NAD, Guest...)

PowerArubaCX: Powershell Module to use ArubaCX API (get interface/vlan/ports info)..

ACEP / ACMX #107 / ACDX #1281

Original Message:
Sent: Mar 17, 2021 03:18 AM
From: Matthias Pohl
Subject: ClearPass Endpoint Profiling not working

Yes, the switch can reach the CPPM.
In the access tracker I can see, that the right service is picked. The device is assigned into the right VLAN and gets an IP address assigned. This is working fine. But, the device is not profiled.

------------------------------
Matthias Pohl

Original Message:
Sent: Mar 16, 2021 03:59 PM
From: Alexis La Goutte
Subject: ClearPass Endpoint Profiling not working

You need to found why...

the switch can reach the CPPM ?

------------------------------
PowerArubaSW : Powershell Module to use Aruba Switch API for Vlan, VlanPorts, LACP, LLDP...

PowerArubaCP: Powershell Module to use ClearPass API (create NAD, Guest...)

PowerArubaCX: Powershell Module to use ArubaCX API (get interface/vlan/ports info)..

ACEP / ACMX #107 / ACDX #1281

Original Message:
Sent: Mar 16, 2021 11:19 AM
From: Matthias Pohl
Subject: ClearPass Endpoint Profiling not working

Hm, I´m not an expert, but to me it looks like, if CPPM doesn´t receive the DHCP packet

------------------------------
Matthias Pohl

Original Message:
Sent: Mar 16, 2021 10:14 AM
From: Alexis La Goutte
Subject: ClearPass Endpoint Profiling not working

the 2530 have IP Address on each vlan ?

You can make a packet capture on CPPM

------------------------------
PowerArubaSW : Powershell Module to use Aruba Switch API for Vlan, VlanPorts, LACP, LLDP...

PowerArubaCP: Powershell Module to use ClearPass API (create NAD, Guest...)

PowerArubaCX: Powershell Module to use ArubaCX API (get interface/vlan/ports info)..

ACEP / ACMX #107 / ACDX #1281

Original Message:
Sent: Mar 16, 2021 10:11 AM
From: Matthias Pohl
Subject: ClearPass Endpoint Profiling not working

How can I check if the CPPM receive the DHCP packet?

That was my understanding, to add the IP Helper on the 2530, so that the DHCP packet also get´s redirected to the CPPM, to be able to perform the profiling

------------------------------
Matthias Pohl

Original Message:
Sent: Mar 16, 2021 09:45 AM
From: Alexis La Goutte
Subject: ClearPass Endpoint Profiling not working

Hi,

Do you have look if the CPPM receive the DHCP packet ?

Why use IP Helper on the 2530 ? i think it is not the default gateway of the vlan ?

------------------------------
PowerArubaSW : Powershell Module to use Aruba Switch API for Vlan, VlanPorts, LACP, LLDP...

PowerArubaCP: Powershell Module to use ClearPass API (create NAD, Guest...)

PowerArubaCX: Powershell Module to use ArubaCX API (get interface/vlan/ports info)..

ACEP / ACMX #107 / ACDX #1281

Original Message:
Sent: Mar 16, 2021 07:12 AM
From: Matthias Pohl
Subject: ClearPass Endpoint Profiling not working

Hi everybody,

i am not able to enable endpoint profiling in my CPPM. I have created a MAC-based authentication service with the following enforcement:


On my switch (HP 2530-8G-PoEP Switch (J9774A)) I´ve added the CPPM as IP helper on all VLANs. The device is redirected to VLAN401, but not profiled.

Any recommandations?

Kind regards,
Matthias


------------------------------
Matthias Pohl
------------------------------

Ok, it was a GW problem. On Aruba 2530 you can´t define a GW per VLAN.
We´ve changed the routing and now everything is working fine.
Thx for you support Alagoutte

------------------------------
Matthias Pohl
------------------------------

Original Message:
Sent: Mar 22, 2021 04:57 AM
From: Matthias Pohl
Subject: ClearPass Endpoint Profiling not working

Hi, sorry for the late response.
This is our test environement:

If the device is not profiled it comes into the VLAN401. 
In VLAN401 i´ve configured the CPPM as IPHelper. The DHCP server is configured on the firewall.
GW is 10.20.252.1

I´ll check with our firewall guy, if our routing is configured correctly.

------------------------------
Matthias Pohl

Original Message:
Sent: Mar 17, 2021 04:14 PM
From: Alexis La Goutte
Subject: ClearPass Endpoint Profiling not working

What the gateway of this vlan ? do you have look to use DHCP relay on this vlan ?
how to the device get the IP Address ?

------------------------------
PowerArubaSW : Powershell Module to use Aruba Switch API for Vlan, VlanPorts, LACP, LLDP...

PowerArubaCP: Powershell Module to use ClearPass API (create NAD, Guest...)

PowerArubaCX: Powershell Module to use ArubaCX API (get interface/vlan/ports info)..

ACEP / ACMX #107 / ACDX #1281

Original Message:
Sent: Mar 17, 2021 03:18 AM
From: Matthias Pohl
Subject: ClearPass Endpoint Profiling not working

Yes, the switch can reach the CPPM.
In the access tracker I can see, that the right service is picked. The device is assigned into the right VLAN and gets an IP address assigned. This is working fine. But, the device is not profiled.

------------------------------
Matthias Pohl

Original Message:
Sent: Mar 16, 2021 03:59 PM
From: Alexis La Goutte
Subject: ClearPass Endpoint Profiling not working

You need to found why...

the switch can reach the CPPM ?

------------------------------
PowerArubaSW : Powershell Module to use Aruba Switch API for Vlan, VlanPorts, LACP, LLDP...

PowerArubaCP: Powershell Module to use ClearPass API (create NAD, Guest...)

PowerArubaCX: Powershell Module to use ArubaCX API (get interface/vlan/ports info)..

ACEP / ACMX #107 / ACDX #1281

Original Message:
Sent: Mar 16, 2021 11:19 AM
From: Matthias Pohl
Subject: ClearPass Endpoint Profiling not working

Hm, I´m not an expert, but to me it looks like, if CPPM doesn´t receive the DHCP packet

------------------------------
Matthias Pohl

Original Message:
Sent: Mar 16, 2021 10:14 AM
From: Alexis La Goutte
Subject: ClearPass Endpoint Profiling not working

the 2530 have IP Address on each vlan ?

You can make a packet capture on CPPM

------------------------------
PowerArubaSW : Powershell Module to use Aruba Switch API for Vlan, VlanPorts, LACP, LLDP...

PowerArubaCP: Powershell Module to use ClearPass API (create NAD, Guest...)

PowerArubaCX: Powershell Module to use ArubaCX API (get interface/vlan/ports info)..

ACEP / ACMX #107 / ACDX #1281

Original Message:
Sent: Mar 16, 2021 10:11 AM
From: Matthias Pohl
Subject: ClearPass Endpoint Profiling not working

How can I check if the CPPM receive the DHCP packet?

That was my understanding, to add the IP Helper on the 2530, so that the DHCP packet also get´s redirected to the CPPM, to be able to perform the profiling

------------------------------
Matthias Pohl

Original Message:
Sent: Mar 16, 2021 09:45 AM
From: Alexis La Goutte
Subject: ClearPass Endpoint Profiling not working

Hi,

Do you have look if the CPPM receive the DHCP packet ?

Why use IP Helper on the 2530 ? i think it is not the default gateway of the vlan ?

------------------------------
PowerArubaSW : Powershell Module to use Aruba Switch API for Vlan, VlanPorts, LACP, LLDP...

PowerArubaCP: Powershell Module to use ClearPass API (create NAD, Guest...)

PowerArubaCX: Powershell Module to use ArubaCX API (get interface/vlan/ports info)..

ACEP / ACMX #107 / ACDX #1281

Original Message:
Sent: Mar 16, 2021 07:12 AM
From: Matthias Pohl
Subject: ClearPass Endpoint Profiling not working

Hi everybody,

i am not able to enable endpoint profiling in my CPPM. I have created a MAC-based authentication service with the following enforcement:


On my switch (HP 2530-8G-PoEP Switch (J9774A)) I´ve added the CPPM as IP helper on all VLANs. The device is redirected to VLAN401, but not profiled.

Any recommandations?

Kind regards,
Matthias


------------------------------
Matthias Pohl
------------------------------

Sometimes DHCP fingerprinting only gets you so much information.  The browser agent information is not transferred in the fingerprint.  It looks like it could only tell that it is a Windows computer from the fingerprint.  If you configured if-map, the browser agent information would be transferred to CPPM without the fingerprint.  Configure IF-MAP, delete the endpoint and see if works.  

------------------------------
Rector Rios
------------------------------

Original Message:
Sent: Mar 16, 2021 07:12 AM
From: Matthias Pohl
Subject: ClearPass Endpoint Profiling not working

Hi everybody,

i am not able to enable endpoint profiling in my CPPM. I have created a MAC-based authentication service with the following enforcement:


On my switch (HP 2530-8G-PoEP Switch (J9774A)) I´ve added the CPPM as IP helper on all VLANs. The device is redirected to VLAN401, but not profiled.

Any recommandations?

Kind regards,
Matthias


------------------------------
Matthias Pohl
------------------------------