Security

last person joined: 15 hours ago 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

CPPM not receiving client mac vendor from some devices.

This thread has been viewed 4 times

  • 1.  CPPM not receiving client mac vendor from some devices.

    Posted Feb 21, 2019 02:35 PM

    Hi

    Does anyone know specifically how RADIUS with enforcement policies work. The issue I'm having is I have a couple devices where some of the 1 model works and passes the client-mac-vendor attribute and some of the same model don't work and doesn't pass the client-mac-vendor.

     

    Is this something that the end device ie laptop sends out during the RADIUS authentication process or does the CPPM request it?

     

    Any help would be appreciated.

    Thanks

    John



  • 2.  RE: CPPM not receiving client mac vendor from some devices.

    EMPLOYEE
    Posted Feb 21, 2019 03:09 PM
    MAC Vendor is simply a lookup that happens in ClearPass based on the client/station MAC address. If you’re not seeing a value, we may not have it in our database. Can you check it against https://www.wireshark.org/tools/oui-lookup.html


  • 3.  RE: CPPM not receiving client mac vendor from some devices.

    Posted Mar 01, 2019 09:36 AM

    I've had a call with TAC, the interesting thing is in the endpoint repository of the CPPM show the client mac vendor listed for the devices that we're having issue with. Just doesn't seem to show up in the access tracker andor get processed by the enforcement rules . TAC mentioned they've seen this before and upgrading to 6.7.x resolved it.