Hey guys, how are you?
I've been reading some discussions and noticed that it's possible to integrate clearpass with sonicwall.
I have a scenario where I would like my AD user to be directed to my clearpass, but whoever would do this release would be my sonicwall.
It is possible? Would it just add my sonicwall to my proxy target and then link it to my service?
Thanks in advance.
yes that would be a way to send the RADIUS accounting records to your FW.
We've configured integration with SonicWall through RADIUS Accounting and also with the SonicWall Third Party SSO API previously.
RADIUS Accounting provides the username and IP Address, and if you want to use Active Directory Groups to tie in with the rule set on the SonicWall then this can be looked up by the SonicWall LDAP engine.
The Third Party SSO API adds the ability to manipulate the login details further (HTTPS Endpoint context server configuration in ClearPass). This includes amending username formats (or passing different credentials), and also to amend/add group information for additional rule set integrations with the SonicWall.
Thanks for the answer, that sounds good to me.
From what I understand, the biggest configuration would be on the sonicwall side, right?
On the clearpass side we would just add sonicwall and point the service with radius accounting?
generally I would also add Filter-Id to pass the user-roles to the firewall, most of them can be configured to make use of it.
© Copyright 2023 Hewlett Packard Enterprise Development LPAll Rights Reserved.