Security

 View Only
last person joined: 19 hours ago 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

MAC Authentication Survivability

This thread has been viewed 2 times

  • 1.  MAC Authentication Survivability

    Posted Jul 30, 2017 10:32 PM

    We have a scenario where IoT type devices are authenticated using PSK / MAC auth with ClearPass at a WAN connected site.

     

    We'd like to avoid a situation where the WAN goes away and devices are unable to MAC auth via ClearPass.

     

    Is there any mechanism in the controller which can cache the last known authentication result within a defined period of time?



  • 2.  RE: MAC Authentication Survivability

    Posted Jul 30, 2017 11:10 PM
    That's not possible today

    Your only option is to use the controller internal db as an additional backup if the list of Mac addresses isn't too big

    Get Outlook for iOS


  • 3.  RE: MAC Authentication Survivability

    Posted Jul 30, 2017 11:11 PM

    Looks like authentication-survivability will work though?

     

    My only question with that is what happens with a bridged mode SSID if the controller goes away?