Security

last person joined: yesterday 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

Aruba Controller ArubaOS direct integration with PAN firewall

This thread has been viewed 2 times

  • 1.  Aruba Controller ArubaOS direct integration with PAN firewall

    Posted Mar 30, 2014 06:24 PM

    Hi All,

     

    Just wondering if there is any planned direct integration between ArubaOS and PAN firewalls similar to what exists for the Instant APs? I.e. without ClearPass?

     

    Scott



  • 2.  RE: Aruba Controller ArubaOS direct integration with PAN firewall
    Best Answer

    EMPLOYEE
    Posted Mar 30, 2014 07:03 PM

    There is a Palo featureset built into 6.4. Check out chapter 28 in the 6.4 User Guide.

     

    palo-aaa-64.PNG

     

    palo-6-4.PNG



  • 3.  RE: Aruba Controller ArubaOS direct integration with PAN firewall

    Posted Mar 31, 2014 01:22 AM

    As pointed out by Tim [thanks]...we built integration with PANOS in AOS in 6.4. This is based upon the PAN-OS UserID XML-API similar to what we initially released in our first CPPM integration.

     

    Note: CPPM has recently added additional integration over and above UserID to include HIP Objects.



  • 4.  RE: Aruba Controller ArubaOS direct integration with PAN firewall

    Posted Mar 31, 2014 06:23 PM

    thanks all for your replies. looks like i've got some new testing to do!



  • 5.  RE: Aruba Controller ArubaOS direct integration with PAN firewall

    Posted Mar 06, 2018 04:58 PM

    We configured ... but are still getting DOWN... any ideas?????

     

    (Aruba-local) #show pan state
    Palo Alto Networks Servers Connection State[PA5050demo]
    -------------------------------------------------------
    Firewall            State
    --------            -----
    ###.##.###.###:443  DOWN[03/06/18 15:49:15]



  • 6.  RE: Aruba Controller ArubaOS direct integration with PAN firewall

    Posted Mar 06, 2018 04:59 PM

    Does the PA firwall need to have a trusted certificate for the controller?

    Is that why PAN still shows in a DOWN state.

     

    (Aruba-local) #show pan state
    Palo Alto Networks Servers Connection State[PA5050demo]
    Firewall            State
    ###.##.###.###:443  DOWN[03/06/18 15:49:15]