  • 1.  Clearpass Context Server Action Variables

    Posted Dec 04, 2018 05:23 PM

    Hi Airheads,

     

    We are currently trying to connect our Clearpass Installation to a 3rd Party Firewall which supports Identity Awareness via REST calls.

     

    Basically we configured an Endpoint Context Server with 2 Actions (Login / Logout). 

     

    We have to pass Username, Groups and IP of the Authenticated User to the Interface. 

     

    The Login Body as configured now would be:

     

    ip=%{ip}&session_timeout=60&idle_timeout=30&username=%{Authentication:Full-Username}&groups=test

     

    For the Endpoint IP I could not find any working Variable. As in the already existing Templates, we tried both %{ip} and %{Radius:IETF:Framed-IP-Address}, neither of which worked. The Username is properly filled through the %{Authentication:Full-Username} Variable.

    We checked this by capturing Packets from the Firewall's Management and the request contained the variable's name.

    Inside the Radius Access Request the Endpoint IP is filled and the Framed-IP-Address is provided by the Accounting Start.

     

    Is there anything I am missing?

     

    Greatly appreciate any Help on that issue.

     

    With best regards,

    Kevin
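
Added example, not part of the original post and not ClearPass or firewall vendor code: a check for the symptom described above, where a `%{...}` variable reaches the wire unexpanded, run over a captured form-encoded login body before it is trusted as an identity-to-IP mapping. The function name, the required-field list and the sample username `jdoe` are assumptions made for illustration.

```python
import ipaddress
import re
from urllib.parse import parse_qsl

# Matches a %{...} token that was sent literally instead of being substituted.
PLACEHOLDER = re.compile(r"%\{[^}]*\}")

# Fields the login action must carry for the mapping to be usable (assumed).
REQUIRED = ("ip", "username")

def check_login_body(body):
    """Return {field: problem} for a form-encoded login body; empty dict if clean."""
    # parse_qsl leaves an invalid escape such as "%{i" untouched and decodes
    # "%25%7Bip%7D" to "%{ip}", so raw and URL-encoded captures are both caught.
    fields = dict(parse_qsl(body, keep_blank_values=True))
    problems = {}
    for name, value in fields.items():
        token = PLACEHOLDER.search(value)
        if token:
            problems[name] = "unexpanded variable " + token.group(0)
    for name in REQUIRED:
        if not fields.get(name):
            problems[name] = "missing or empty"
    if "ip" not in problems:
        try:
            ipaddress.ip_address(fields["ip"])
        except ValueError:
            problems["ip"] = "not an IP address"
    return problems

# Constructed samples modelled on the body quoted in the post.
CAPTURED = "ip=%{ip}&session_timeout=60&idle_timeout=30&username=jdoe&groups=test"
EXPANDED = "ip=192.0.2.10&session_timeout=60&idle_timeout=30&username=jdoe&groups=test"

if __name__ == "__main__":
    for sample in (CAPTURED, EXPANDED):
        print(sample, "->", check_login_body(sample) or "ok")
```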

     



  • 2.  RE: Clearpass Context Server Action Variables

    Posted Dec 04, 2018 05:29 PM
    Are you using a Post Auth Session Notify? Also, is Insight enabled in the cluster?


  • 3.  RE: Clearpass Context Server Action Variables

    Posted Dec 04, 2018 05:46 PM

    Yes, Insight is active and we used a Session Notification Enforcement Profile.



  • 4.  RE: Clearpass Context Server Action Variables

    Posted Dec 04, 2018 05:55 PM
    Framed IP should work. What kind of firewall is it? Can you post the full contents of the CSA?


  • 5.  RE: Clearpass Context Server Action Variables

    Posted Dec 04, 2018 06:04 PM

    Enclosed are the Settings of the Login CSA. The Firewall mentioned is a "Clavister W30".

     

    Attachments: 1.png, 2.png, 3.png, 4.png