Security

last person joined: 2 hours ago 

Enterprise security using ClearPass Policy Management, ClearPass Security Exchange, IntroSpect, VIA, 360 Security Exchange, Extensions and Policy Enforcement Firewall (PEF).
Expand all | Collapse all

VIA Remote Access Local Authentication???

  • 1.  VIA Remote Access Local Authentication???

    Posted Aug 03, 2020 08:26 PM

    Is a controller able to locally authenticate a remote access VIA client with certificate based authentication, i.e. without an external Radius server such as Clearpass or FreeRadius?  

     

    Every guide I have seen includes details and configurations for utilizing an external Radius server to authenticate certificates for VIA clients, but I have seen zero configuration guides/details for local authentication via the controller itself.

     

    I’m looking to accomplish something similar to a Cisco ASA and AnyConnect doing a remote access VPN authenticated locally on the ASA against the trustpoint, as well as downloading the CRL to the ASA to check the cert revocation.

     

    Thanks all!



  • 2.  RE: VIA Remote Access Local Authentication???

    Posted Aug 04, 2020 02:05 PM

    Yes, controller can authenticate a remote access VIA client with certificate based authentication without an external RADIUS server. 

    You need to have the CN of the certificate in the local DB of the controller. 



  • 3.  RE: VIA Remote Access Local Authentication???

    Posted Sep 03, 2020 05:45 AM

    @TalktoSonic wrote:

    Yes, controller can authenticate a remote access VIA client with certificate based authentication without an external RADIUS server. 

    You need to have the CN of the certificate in the local DB of the controller. 


    Thank you for sharing your knowledge.