Security

 View Only
  • 1.  Clearpass Service name in variable

    Posted Jan 06, 2020 05:09 PM

    Is there a clearpass variable for the service name? I have setup email notifications and would like to the name of the service to be in the body of the email.



  • 2.  RE: Clearpass Service name in variable

    Posted Jan 08, 2020 05:31 AM

    Hi,

     

    if you send the email with an enforcement profile, there is the variable %{Tips:Service}



  • 3.  RE: Clearpass Service name in variable

    Posted Jan 08, 2020 10:32 AM

    Thanks for the response!

     

    That doesn't seem to be working, my email comes through  with below

     

    the below output is generated using other variables such as %{Tips:Role}, but %{Tips:Service} doesn't seem to work.

     

     

     

    ...

    NAS-IP Address: 10.100.3.25,

    Port: 2,

    Device Type: ShoreTel IP Phone

    Role: R-Shoretel-Phone, [User Authenticated]

    Service: %{Tips:Service}

     



  • 4.  RE: Clearpass Service name in variable

    Posted Jan 16, 2020 08:50 AM

    bumping this thread. Still looking for an answer.

     

    TIA



  • 5.  RE: Clearpass Service name in variable

    Posted Jan 29, 2020 04:50 PM

    How is the email being trigered? Are you using some kind of http enforcement to trigger emails or is it coming from the guest module? Can you share some screenshots of the config and the clearpass version being used.



  • 6.  RE: Clearpass Service name in variable

    Posted Feb 11, 2020 09:06 AM

    Sorry I didn't respond, I didn't see someone replied.. 

     

    images are the context server action; here is the content:

     

    {
    "to": ["email@address.com"],
    "subject": "Succesful Authentication Connection",
    "message": "The following user has been authenticated at:
    %{Date:Date-Time}
    MAC Address: %{Connection:Client-Mac-Address-Colon}
    User Name: %{Radius:IETF:User-Name}
    NAS-Identifier: %{Radius:IETF:NAS-Identifier}
    NAS-IP Address: %{Connection:NAD-IP-Address},
    Port: %{Radius:IETF:NAS-Port-Id},
    Device Type: %{Authorization:[Endpoints Repository]:Device Name}
    Role: %{Tips:Role}
    Service: %{Tips:Service}"
    }

     

     

    And then just an enforcement profile to call this context server action.

     

    this originally was 6.8.3, also in 6.8.4

     

     

     



  • 7.  RE: Clearpass Service name in variable

    Posted Feb 11, 2020 11:07 AM

    I swear I just responded to this this morning and now my post is gone.. weird.

     

    so attached images are the context server actions.

     

    Here is the content tab:

     

    {
    "to": ["email@address.com"],
    "subject": "Succesful Authentication Connection",
    "message": "The following user has been authenticated at:
    %{Date:Date-Time}
    MAC Address: %{Connection:Client-Mac-Address-Colon}
    User Name: %{Radius:IETF:User-Name}
    NAS-Identifier: %{Radius:IETF:NAS-Identifier}
    NAS-IP Address: %{Connection:NAD-IP-Address},
    Port: %{Radius:IETF:NAS-Port-Id},
    Device Type: %{Authorization:[Endpoints Repository]:Device Name}
    Role: %{Tips:Role}
    Service: %{Tips:Service}"
    }

     

    and then that action is triggered as an enforcement profile.



  • 8.  RE: Clearpass Service name in variable

    Posted Feb 26, 2020 12:55 PM

    I know this works:

     

    {
    "to": ["derin.mellor@hpe.com"],
    "subject": "Unknown Device Connected",
    "message": "Unknown device %{Connection:Client-Mac-Address-Colon} connected at: %{Date:Date-Time}. This is located at: %{Radius:Aruba:Aruba-Location-Id} on NAS: %{Radius:IETF:NAS-Identifier} Device Category: %{Authorization:[Endpoints Repository]:Category} Device Family: %{Authorization:[Endpoints Repository]:OS Family} Device Name: %{Authorization:[Endpoints Repository]:Device Name}. To register this device use this link https://cppm.hpearubademo.com/guest/mac_create.php?mac=%{Connection:Client-Mac-Address-Colon}&device_name=%{Authorization:[Endpoints Repository]:Device Name}"
    }

     

    If you're struggling to debug put the "API Framework" into Trace - see attacked (but not on a live environment ;-))

    This will put more detailed logs into the CPG Logs.

     

    What is more interesting is using an HTML email:

     

    {
    "to": ["derin.mellor@hpe.com"],
    "subject": "Unknown Device Connected",
    "headers": {"Content-Type": "text/html;charset=UTF-8"},
    "message": "<html><head><style>body {background-color:#ffffff;background-repeat:no-repeat;background-position:top left;background-attachment:fixed;}h1{font-family:Arial, sans-serif;color:#000000;background-color:#ffffff;}p {font-family:Arial, sans-serif;font-size:14px;font-style:normal;font-weight:normal;color:#000000;background-color:#ffffff;}</style></head><body><h1><p style='color:#B92D5D;font-size:20px;'>An Unknown device %{Connection:Client-Mac-Address-Colon} connected</p><p>It is located at NAS-IP: %{Connection:NAD-IP-Address}, Port: %{Radius:IETF:NAS-Port-Id}.</br><b>Connection Time:</b>&nbsp%{Date:Date-Time}</br><b>Manufacturer:</b>&nbsp%{Authorization:[Endpoints Repository]:MAC Vendor}</br><b>Hostname:</b>&nbsp%{Authorization:[Endpoints Repository]:Hostname}</br><b>Device Category:</b>&nbsp%{Authorization:[Endpoints Repository]:Category}</br><b>Device OS Family:</b>&nbsp%{Authorization:[Endpoints Repository]:OS Family}</br><b>Device Name:</b>&nbsp%{Authorization:[Endpoints Repository]:Device Name}</p><p>Click&nbsp;<a href=\"https://cppm.hpearubademo.com/guest/mac_create.php?mac=%{Connection:Client-Mac-Address-Colon}&amp;device_name=%{Authorization:[Endpoints Repository]:Device Name}\">here</a> to register your device.</p></br></body></html>"
    }

     

    I've attached both these Context Server Actions - in ContextServerAction.zip - just import with the password aruba123.

    Remember to change my email address.

    Regards Drin

     

     

    Attachment(s)

    zip
    ContextServerAction.zip   1 KB 1 version


  • 9.  RE: Clearpass Service name in variable

    Posted Feb 28, 2020 10:30 AM

    I don't see the Tips Service variable called anywhere..

     

    The email works and generally my other variables work, just not the {%Tips:Service} Variable