Wireless Access

Hi, using the aruba clearpass rest api, I want to take the machine/user I selected and restrict network access. Can you help me?

Hi,

Your question is not very detailed, so we'll have to make assumptions here.

First you'll need to create an API client to make requests. If you're going to be writing data via thew API, give the client RW permissions. I assume you know how a REST API works and you have a tool to send requests (curl, postman, ansible, custom script, whatever...)

Assuming you want to blacklist MAC addresses. What you can do is set a "blacklisted" flag on the desired endpoint.

For this you'll have to send a PATCH request to the uri "/endpoint/mac-address/{endpoint-mac}" with a json payload like '{ "attributes": { "blacklisted": "true" } }'

Then, in your Clearpass service you check for this attribute on the endpoint and deny access id you find it with a true value.

Hope this helps

Does this need to be any policy for the blacklist?Can it work directly?

Yes, you will need to implement the policy through a Service somehow. e.g. by checking the "blacklist" attribute you set via the API.

Thank you, I'll test it.

Can I do the same by using an XML api?

https://www.arubanetworks.com/techdocs/ArubaOS_81_Web_Help/Web_Help_Index.htm#ArubaFrameStyles/XML_API/XML_Request.htm%3FTocPath%3DArubaOS%2520User%2520Guide%7CExternal%2520User%2520Management%7C_____3

up

The XML API you’re referring to is for ArubaOS, not Clearpass.