generally I would also add Filter-Id to pass the user-roles to the firewall, most of them can be configured to make use of it.
If my post was useful accept solution and/or give kudos.
Any opinions expressed here are solely my own and not necessarily that of HPE or Aruba.
Original Message:
Sent: Nov 20, 2023 06:58 AM
From: Miguel de Paula
Subject: ClearPass integration Sonicwall
Thanks for the answer, that sounds good to me.
From what I understand, the biggest configuration would be on the sonicwall side, right?
On the clearpass side we would just add sonicwall and point the service with radius accounting?
Original Message:
Sent: Nov 18, 2023 02:50 AM
From: DDTechie
Subject: ClearPass integration Sonicwall
Hi,
We've configured integration with SonicWall through RADIUS Accounting and also with the SonicWall Third Party SSO API previously.
RADIUS Accounting provides the username and IP Address, and if you want to use Active Directory Groups to tie in with the rule set on the SonicWall then this can be looked up by the SonicWall LDAP engine.
The Third Party SSO API adds the ability to manipulate the login details further (HTTPS Endpoint context server configuration in ClearPass). This includes amending username formats (or passing different credentials), and also to amend/add group information for additional rule set integrations with the SonicWall.
Original Message:
Sent: Nov 16, 2023 06:24 PM
From: Ariya Parsamanesh
Subject: ClearPass integration Sonicwall
yes that would be a way to send the RADIUS accounting records to your FW.
------------------------------
If my post was useful accept solution and/or give kudos.
Any opinions expressed here are solely my own and not necessarily that of HPE or Aruba.
Original Message:
Sent: Nov 16, 2023 12:49 PM
From: Miguel de Paula
Subject: ClearPass integration Sonicwall
Hey guys, how are you?
I've been reading some discussions and noticed that it's possible to integrate clearpass with sonicwall.
I have a scenario where I would like my AD user to be directed to my clearpass, but whoever would do this release would be my sonicwall.
It is possible? Would it just add my sonicwall to my proxy target and then link it to my service?
Thanks in advance.