Security

 View Only

  • 1.  Clearpass PKI certs with RSA help needed

    Posted Oct 27, 2018 05:39 PM
    Hi all,

    I have a design related question for clearpass and what I’m trying to achieve:

    My company is using EC384 certs. We want to get people authenticating using these as first factor of authentication ... then get people to use a RSA server as the 2FA.

    Can I do this with ikev1 or v2?

    How complex would the config be for clearpass to achieve this and some controllers?

    I have the infrastructure setup but struggling to integrate everything ... thanks in advance :-)


  • 2.  RE: Clearpass PKI certs with RSA help needed

    Posted Oct 27, 2018 05:41 PM
    What is the network medium and infrastructure?


  • 3.  RE: Clearpass PKI certs with RSA help needed

    Posted Oct 27, 2018 05:51 PM
    Sorry but can I just clarify when you say medium? As in how the users will connect from the internet? If so, through a firewall directly into a controller to form the VPN.

    Infrastructure - clearpass is virtual and the controllers and physical. Traditional DMZ design with firewall inside and out. But that’s all that separates these devices.

    Is that what you meant?


  • 4.  RE: Clearpass PKI certs with RSA help needed

    Posted Oct 27, 2018 05:56 PM
    So the medium is VPN and the infrastructure is an Aruba controller.

    So you're trying to use the Aruba VIA client?


  • 5.  RE: Clearpass PKI certs with RSA help needed

    Posted Oct 27, 2018 06:25 PM
    That’s spot on - exactly what I’m trying to do :-)


  • 6.  RE: Clearpass PKI certs with RSA help needed
    Best Answer

    Posted Oct 29, 2018 11:43 AM

    The cert trust would be between the client and the controller. You can then use standard RADIUS proxy off to your RSA box.



  • 7.  RE: Clearpass PKI certs with RSA help needed

    Posted Nov 02, 2018 04:14 PM
    Thank you


Related Content