View Only
last person joined: 14 hours ago 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Expand all | Collapse all

ClearPass AAA using Google

This thread has been viewed 27 times
  • 1.  ClearPass AAA using Google

    Posted May 11, 2023 10:54 AM

    I am changing our wireless from IAP to controller managed. I would like to use ClearPass for 802.1x on the wireless, but we are removing Active Directory this summer. 
    I would like to utilize it to determine the user role based on the security group of the user and if the device is private. At this point, we are using Google for our user authentication.
    Is there a way for ClearPass to use Google for 802.1x?


  • 2.  RE: ClearPass AAA using Google

    Posted May 11, 2023 11:06 AM

    I believe the Google LDAP can only be sued for authorization, but not for authentication.

    Dustin Burns

    Lead Mobility Engineer @Worldcom Exchange, Inc.

    ACCX 1271| ACMX 509| ACSP | ACDA | MVP Guru 2022-2023
    If my post was useful accept solution and/or give kudos

  • 3.  RE: ClearPass AAA using Google

    Posted May 11, 2023 11:19 AM

    Easiest (?) way to do this would be to switch to EAP-TLS for the 802.1x authentication.  The certificate is used to create the initial authentication and then if there is information you want to draw from Google you can use LDAP as mentioned above to retrieve authorization information based upon something related to the user certificate. 

  • 4.  RE: ClearPass AAA using Google

    Posted May 16, 2023 02:41 PM

    Hi tthompson,

    How would you do this?  would the service use EAP-TLS as the authentication method and Google Secure LDAP as the authorization?  How to you get the user to log into Google?  Does it require a Guest captive portal?

  • 5.  RE: ClearPass AAA using Google

    Posted May 25, 2023 01:16 PM

    Hi tthompson,

    Is there any documentation for this method?