Security

Reply
Highlighted
All-Decade MVP 2020

Aruba Controller ArubaOS direct integration with PAN firewall

Hi All,

 

Just wondering if there is any planned direct integration between ArubaOS and PAN firewalls similar to what exists for the Instant APs? I.e. without ClearPass?

 

Scott


Accepted Solutions
Highlighted
Moderator

Re: Aruba Controller ArubaOS direct integration with PAN firewall

There is a Palo featureset built into 6.4. Check out chapter 28 in the 6.4 User Guide.

 

palo-aaa-64.PNG

 

palo-6-4.PNG



If this response is more than 1 year old, it may no longer be accurate. Please consult official Aruba documentation, TAC or your Aruba SE.

| Aruba Alumni | @timcappalli | timcappalli.me |

View solution in original post


All Replies
Highlighted
Moderator

Re: Aruba Controller ArubaOS direct integration with PAN firewall

There is a Palo featureset built into 6.4. Check out chapter 28 in the 6.4 User Guide.

 

palo-aaa-64.PNG

 

palo-6-4.PNG



If this response is more than 1 year old, it may no longer be accurate. Please consult official Aruba documentation, TAC or your Aruba SE.

| Aruba Alumni | @timcappalli | timcappalli.me |

View solution in original post

Highlighted
Moderator

Re: Aruba Controller ArubaOS direct integration with PAN firewall

As pointed out by Tim [thanks]...we built integration with PANOS in AOS in 6.4. This is based upon the PAN-OS UserID XML-API similar to what we initially released in our first CPPM integration.

 

Note: CPPM has recently added additional integration over and above UserID to include HIP Objects.


Best Regards
-d

ClearPass Product Manager

-- Found something helpful, important, or cool? Click the Kudos Star in a post.
-- Problem Solved? Click "Accept as Solution" in a post.
Highlighted
All-Decade MVP 2020

Re: Aruba Controller ArubaOS direct integration with PAN firewall

thanks all for your replies. looks like i've got some new testing to do!

Highlighted
Occasional Contributor II

Re: Aruba Controller ArubaOS direct integration with PAN firewall

We configured ... but are still getting DOWN... any ideas?????

 

(Aruba-local) #show pan state
Palo Alto Networks Servers Connection State[PA5050demo]
-------------------------------------------------------
Firewall            State
--------            -----
###.##.###.###:443  DOWN[03/06/18 15:49:15]

Highlighted
Occasional Contributor II

Re: Aruba Controller ArubaOS direct integration with PAN firewall

Does the PA firwall need to have a trusted certificate for the controller?

Is that why PAN still shows in a DOWN state.

 

(Aruba-local) #show pan state
Palo Alto Networks Servers Connection State[PA5050demo]
Firewall            State
###.##.###.###:443  DOWN[03/06/18 15:49:15]