check this video for how to do profiling with clearpass
https://www.youtube.com/watch?v=sgGaHiFpGjc------------------------------
If my post was useful accept solution and/or give kudos.
Any opinions expressed here are solely my own and not necessarily that of HPE or Aruba.
------------------------------
Original Message:
Sent: Jan 30, 2023 12:44 PM
From: peter.elms
Subject: Static host lists
Thanks,
that's got to be the best idea.
i wouldn't need to specify an authentication source.
Just profile " if connection MAC address begins with 00-12-34" then allow.
cheers
pete
Original Message:
Sent: Jan 30, 2023 12:22 PM
From: ahollifield
Subject: Static host lists
Why not use profiling instead?
Original Message:
Sent: Jan 30, 2023 12:11 PM
From: peter.elms
Subject: Static host lists
apologies Jorge i forgot to mention.
They are doing "wired NAC" for thin clients (non-windows devices) and while they are working out how to enable EAP-TLS on these clients they want to get the clients onto the networks via a MAC auth process.Does that help ?
pete
Original Message:
Sent: Jan 30, 2023 12:05 PM
From: Jorge Calvi
Subject: Static host lists
Could you tell us tecnology are you thinking apply that on? Is it for Wireless, Instant / AOS, is it for switches? Maybe a Clearpass config?
Regards,
Jorge
Original Message:
Sent: 1/30/2023 11:28:00 AM
From: peter.elms
Subject: Static host lists
hello Airheads,
does anyone know if you can use wildcards in static host lists (for MAC addresses)
the fist 3 bytes are common to all clients.
cheers
Pete
p.s. it's just a stop gap for the customer they realise it's not ideal long term !!