I just want to make sure I'm clear and up to date on this - is TACACS+ and local users the only option for admin user login to CPPM boxes? I have read that this is the case but the info was a few years old.
We have an external RADIUS server which we use for management logins to our general network equipment so it would be ideal to use this for admin login to CPPM if possible.
I have the same issue you do. First they tell me to use SAML SSO for admin log in but that causes issues as our clearpass server doing management log in doesn't share same certs and has to rely on other parts of the infrastructure. If oyu use TACACS+ you can only specify 1 IP address which breaks redundancy since my 3 Clearpass for management accounts are in different subnets. This futhure puts more reliance on other parts of our network for something that needs to run independant of failures of things on the network.
At Aruba, we believe that the most dynamic customer experiences happen at the Edge. Our mission is to deliver innovative solutions that harness data at the Edge to drive powerful business outcomes.
© Copyright 2020 Hewlett Packard Enterprise Development LPAll Rights Reserved.