Security

Reply
Occasional Contributor II

CPPM endpoint IP address

Hello,

I have a problem with determining the current ip address of the host. I set the device info poll interval check to 10 min.

When the host is authorized by 802.1x only after 10 minutes I have information about its IP address.

I would like to receive updated information about its ip address right after authorization.

Is it possible to perform "device info poll interval" for each endpoint separately? Maybe there is some other function that allows the effect.

 

Guru Elite

Re: CPPM endpoint IP address

Is RADIUS accounting enabled on the NAD?

| Tim Cappalli | Aruba Security | @timcappalli | timcappalli.me |

NOTE: Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba or Hewlett Packard Enterprise.
Occasional Contributor II

Re: CPPM endpoint IP address

Yes, on the switch, I set Clearpassa as a radius server. Authorization proceeds successfully and the host gets the ip address from the dhcp(router). 

Guru Elite

Re: CPPM endpoint IP address

Please verify you're seeing RADIUS accounting data.

| Tim Cappalli | Aruba Security | @timcappalli | timcappalli.me |

NOTE: Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba or Hewlett Packard Enterprise.
Occasional Contributor II

Re: CPPM endpoint IP address

In Monitoring » Live Monitoring » Access Tracker 

I am browsing information about the authenticated user but I do not see the information about the ip address. When CPPM sends an SNMP to Switch to read the ARP table (this is Device Info Poll Interval), it obtains information about the real ip address.

I do not know how clearpass sends such a query. I was looking for such an option in the API but I did not find anything.

Guru Elite

Re: CPPM endpoint IP address

Look under accounting instead of access tracker.

| Tim Cappalli | Aruba Security | @timcappalli | timcappalli.me |

NOTE: Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba or Hewlett Packard Enterprise.
Occasional Contributor II

Re: CPPM endpoint IP address

Only:

NAS IP Address- IP address of the switch

Calling Station ID: authenticated host MAC

In Accounting Packet Details there is no information about the ip address of the host.

cppm1.PNG 

 

In Monitoring » Live Monitoring » Access Tracker

section Endpoint Attributes

cppm2.PNG

when i change the ip address of the host and re-authenticates I see the old IP address. It's only after 10 minutes when the device info poll interval is done that I will see the new IP address.

Guru Elite

Re: CPPM endpoint IP address

If it's a static IP and you're relying on scans, then yes there will be a delay. What exactly are you trying to do?

| Tim Cappalli | Aruba Security | @timcappalli | timcappalli.me |

NOTE: Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba or Hewlett Packard Enterprise.
Occasional Contributor II

Re: CPPM endpoint IP address

I would like to receive the current ip address on the host immediately after the authentication.

The host gets the ip address from dhcp, from the router not the switch.

Occasional Contributor II

Re: CPPM endpoint IP address

Is it possible to manually launch device info poll interval?

I understand that this is a CPPM function that is implemented in the database?
Maybe you can do this query?

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: