Security

Reply
Highlighted
Frequent Contributor I

CPPM/VIA Authentication and Authorization Options

I'm setting up greenfield VIA VPN for our users, to replace aging Cisco ASA IPSEC and AnyConnect VPNs. Is there a way to profile the endpoint client when it connects to determine if it is a trusted corporate laptop or just a personal device belonging to a user? We have AirWatch integration but is there a way to get the MAC address info from the VIA client? For context I'm using EAP-PEAP with MSCHAPv2 authentication for VPN.

Highlighted
Moderator

Re: CPPM/VIA Authentication and Authorization Options

VIA will send the MAC address in the request.


If this response is more than 1 year old, it may no longer be accurate. Please consult official Aruba documentation, TAC or your Aruba SE.

| Aruba Alumni | @timcappalli | timcappalli.me |

Highlighted
Frequent Contributor I

Re: CPPM/VIA Authentication and Authorization Options

I'm not seeing the MAC of the client in the CPPM Event Viewer log entry. I'm seeing the MAC address of the port-channel interface on the controller as well as another MAC with an unknown OUI (12FF02230700). Other ideas?

Highlighted
Frequent Contributor I

Re: CPPM/VIA Authentication and Authorization Options

Any more ideas folks?

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: