View Only
last person joined: 19 hours ago 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Expand all | Collapse all

ClearPass + Okta for TACACS

This thread has been viewed 27 times
  • 1.  ClearPass + Okta for TACACS

    Posted Jul 30, 2019 03:23 PM



    I have a request from a customer who would like to integrate ClearPass with Okta for their TACACS/RADIUS device admin services. Specifically, IT admins would like to get prompted by Okta to authenticate at the time of network device admin logins. Is this possible? I assume that this will need to be configured via SSO but I've been unable to determine the steps needed to configure.


    Thanks in advance,


  • 2.  RE: ClearPass + Okta for TACACS

    Posted Jul 30, 2019 04:41 PM

    It looks like this can be supported via adding Okta as a token server and pointing it to an Okta RADIUS server agent. Has anyone else attempted this before or can anyone offer additional guidance on how this integration would work?


    Thanks in advance!

  • 3.  RE: ClearPass + Okta for TACACS

    Posted Jul 31, 2019 12:13 AM

    I got this working on a Cisco switch in my lab w/ Duo. I suspect the final configuration will be very similar w/ Okta. I'll report back with a more comprehensive write up once I'm able to test with my customer.


    The below article was incredibly helpful for me.


    In order to integrate with AD, I just substituted the Authentication Sources.


  • 4.  RE: ClearPass + Okta for TACACS

    Posted Sep 29, 2023 01:55 PM

    Hello REgan,

    I am looking to do the same with a customer of mine. I still don't have the solution yet. working on it. if it happens that you have a solution. I do appreciate it if you share it with us.