Security

 View Only
last person joined: 2 days ago 

Enterprise security using ClearPass Policy Management, ClearPass Security Exchange, IntroSpect, VIA, 360 Security Exchange, Extensions and Policy Enforcement Firewall (PEF).
Expand all | Collapse all

Clearpass Web Authentication with AD Credentials

This thread has been viewed 8 times
  • 1.  Clearpass Web Authentication with AD Credentials

    Posted Jul 05, 2022 05:26 PM
    Hello,

    I have a question and I hope to some help because I am new with clearpass. I have succeded to create a wired web authentication service witch cisco switch. So if dot1x authntication and mac authentication fails then the user is regarded to be  guest and is redirected to clearpass captive portal where is successfully authenticated and he receives a guest vlan with guest ip address.

    In addition if instead of using guest credentials at captive portal he uses AD credentials then he receives the proper vlan (where the user belongs to) but the ip address of the user remains the same - quarantine/guest vlan ip address. It cannot  be changed. Do you have any idea how to overcome this issue?


  • 2.  RE: Clearpass Web Authentication with AD Credentials

    EMPLOYEE
    Posted Jul 05, 2022 07:52 PM
    the general approach here is for ClearPass to send back a different VLAN to the switch followed by a switch port bounce.
    so you need to have a enforcement profile to send the appropriate VLAN. followed by a Cisco port bounce which is one of the default enforcement profiles that are available in clearpass.




    ------------------------------
    Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba.
    ------------------------------