Original Message:
Sent: Sep 19, 2024 12:35 PM
From: chulcher
Subject: Clearpass Interfaces (Data & Management) for Azure Deployment
ClearPass expects the second interface to be present even when the underlying environment doesn't necessarily support the functionality.
------------------------------
Carson Hulcher, ACEX#110
Original Message:
Sent: Sep 18, 2024 10:52 PM
From: golfperson
Subject: Clearpass Interfaces (Data & Management) for Azure Deployment
Sorry to hijack this thread, but I'm wondering if you might be able to explain why the CPPM 6.11.x Azure deployment guide specifically instructs the addition of a 2nd network interface (data port) if it is not supported?
I'm referring to this guide here:
https://www.arubanetworks.com/techdocs/ClearPass/6.11/Installation-Guide/Default.htm#Cloud-Azure/CD-AZ-cppm-in-azure.htm?TocPath=Cloud%2520Deployments%253A%2520Microsoft%2520Azure%2520Cloud%2520Service%257C_____2
Under the Networking header, it states:
Once the VA is created, you must log in to the Azure portal and create a second interface for the VA.
This links to a lower section on the page giving instructions for doing so in the Azure portal:
https://www.arubanetworks.com/techdocs/ClearPass/6.11/Installation-Guide/Default.htm#Cloud-Azure/CD-AZ-cppm-in-azure.htm#Adding
I'm asking mainly because I added a 2nd interface to our Azure VAs because of this guide, so I'm hoping there are no adverse effects.
Original Message:
Sent: Jul 31, 2024 03:45 PM
From: chulcher
Subject: Clearpass Interfaces (Data & Management) for Azure Deployment
The data port isn't supported in cloud deployments, only the management port is available.
------------------------------
Carson Hulcher, ACEX#110
Original Message:
Sent: Jul 31, 2024 03:07 PM
From: smelias
Subject: Clearpass Interfaces (Data & Management) for Azure Deployment
The Aruba Clearpass harding documentation indicates the following;
"ClearPass utilizes separate management and data interfaces, and provides the ability to restrict access to the management interface to just authorized end stations."
Is this the case for a specific implementation in Azure? Are there any restrictions in ClearPass or Azure for deployment utilizing multiple interfaces?
Is there a requirement to deploy Azure Clearpass with a single interface - mixing the data and management traffic planes?