Hi All,I am still looking for alternative from DHCP method to profile an endpoint.From the attached, I see there are two kinds of ARP, one is active, one is passive.Since the customer does not allow active ones, what needs to be done to achieve passive ARP ? Is there any example of output out there as well ?Thanks.
Do a SPAN to one of the unused ports on the ClearPass server, keep in mind load though. Why do you feel you need the ARP information? What's wrong with DHCP relay, Device Sensor, or other profiling methods?
Hi Alex & Herman,Thanks for your response.
But in the end, I need more distinguishable signature result than just IP , MAC , or dhcpOptions.
Customer also does not allow account differentiation between different services.
Active or Passive ARP relates to the learning of ARP addresses. With ARP a client requests the MAC address for a specific IP. With passive ARP learning, a network device can use such a ARP request or an ARP reply to learn the IP address for a specific MAC address. You can't practically make a network work without Active ARP, so not sure what your customer is not allowing. Static ARP would be an option, but that is highly unusual as you would need to program each network device with a list of MAC addresses for each IP. This really is not practical, and it would make profiling quite impossible and Client Insight (Central with gateways) would be an option to get profiling information from the normal network traffic. You may best work with your Aruba partner on the options you have.
© Copyright 2023 Hewlett Packard Enterprise Development LPAll Rights Reserved.