Security

 View Only
last person joined: yesterday 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Expand all | Collapse all

ClearPass & Palo Alto Global Protect VPN (GPVPN) Posture validation.

This thread has been viewed 8 times
  • 1.  ClearPass & Palo Alto Global Protect VPN (GPVPN) Posture validation.

    Posted Dec 04, 2023 07:54 AM

    Hi guys,

    My client has Panorama that manages 5 firewalls, but in the ClearPass extension I can only place 1 panHost. Is there any way to take advantage of the ClearPass integration with Palo Alto GPVPN with posture validation in an environment where the client has several firewalls used for client VPN managed by Panorama?

    Another point is that I followed the same documentation mentioned previously but I don't see the Dynamic Address Group (DAG) being fed.

    I collected logs in ClearPass and see the error below:

    172.17.0.2 is extension IP and 172.18.x.x client IP.

    I thank the help of all.

    Thanks.



  • 2.  RE: ClearPass & Palo Alto Global Protect VPN (GPVPN) Posture validation.

    EMPLOYEE
    Posted Dec 07, 2023 08:39 AM

    I have not worked with such an environment, so can't really help. If you don't get an answer here, please work with Aruba Support to get a response.



    ------------------------------
    Herman Robers
    ------------------------
    If you have urgent issues, always contact your Aruba partner, distributor, or Aruba TAC Support. Check https://www.arubanetworks.com/support-services/contact-support/ for how to contact Aruba TAC. Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.

    In case your problem is solved, please invest the time to post a follow-up with the information on how you solved it. Others can benefit from that.
    ------------------------------