Security


Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).

ClearPass 6.2 static host list management

  • 1.  ClearPass 6.2 static host list management

    Posted Apr 15, 2014 06:34 AM

    Hi,

     

    We would like to use regular expressions to authenticate hosts on our network.

    For example, allow hosts using the vendor part of the MAC address (OUI).

    CP.png

     

    The problem is that we don't understand how to make regular expressions. We are a little bit lost with . or * !

     

    Thank you.

    Regards



  • 2.  RE: ClearPass 6.2 static host list management

    Posted Apr 15, 2014 09:27 AM

    Use this instead:

     

    782BCB*



  • 3.  RE: ClearPass 6.2 static host list management

    Posted Apr 15, 2014 09:57 AM

    Thanks Victor, didn't realize you could even use an * for the RegEx field. @bencoolen, if you need some added flexibility, the regular expression you were looking for is the following:

     

    78-2b-cb-([0-9A-F]{2}-){2}([0-9A-F]{2})$

     

     



  • 4.  RE: ClearPass 6.2 static host list management

    Posted Apr 15, 2014 10:40 AM

    Hello,

     

    Thank you for your answer. This is not working. The host I use to perform this test is not recognized and so, not allowed on my network. It sounds good, but do you know if we have to define the role mapping condition differently than for a classic static host list (list of MAC addresses, not regex)?

     

    The above condition uses a normal static list. The second one is the regex.

    CP2.png



  • 5.  RE: ClearPass 6.2 static host list management

    EMPLOYEE
    Posted Apr 15, 2014 10:44 AM
    Why not just do



    Client-Mac-Address BEGINS_WITH (oui)


  • 6.  RE: ClearPass 6.2 static host list management

    Posted Apr 15, 2014 10:55 AM

    Hello,

     

    This is what we do right now :) We manage that in the rule mappings.

    Using groups allows us to give names (e.g. Xerox printers, Samsung printers for the role: Printers).

     

    Thank you



  • 7.  RE: ClearPass 6.2 static host list management
    Best Answer

    Posted Sep 01, 2017 12:56 PM

    FYI, the solution:

     

    | Regex | Example |
    |---|---|
    | `^00[:-]?30[:-]?[fF]9([:-]?[0-9a-fA-F]{2}){3}$` | 00:30:f9:xx:xx:xx |
    | `^78[:-]?2[bB][:-]?[cC][bB][:-]?[dD][0-9a-fA-F]([:-]?[0-9a-fA-F]{2}){2}$` | 78:2b:cb:dx:xx:xx |
    | `^78[:-]?2[bB][:-]?[cC][bB][:-]?[dD]5([:-]?[0-9a-fA-F]{2}){2}$` | 78:2b:cb:d5:xx:xx |
    | `^78[:-]?2[bB][:-]?[cC][bB][:-]?[dD]5[:-]?[aA][0-9a-fA-F][:-]?([0-9a-fA-F]{2})$` | 78:2b:cb:d5:ax:xx |
    | `^78[:-]?2[bB][:-]?[cC][bB][:-]?[dD]5[:-]?[aA][cC][:-]?([0-9a-fA-F]{2})$` | 78:2b:cb:d5:ac:xx |
    | `^78[:-]?2[bB][:-]?[cC][bB][:-]?[dD]5[:-]?[aA][cC][:-]?3[0-9a-fA-F]$` | 78:2b:cb:d5:ac:3f |



  • 8.  RE: ClearPass 6.2 static host list management

    Posted Sep 01, 2017 01:45 PM

    The suggestion to just use '*' above was close; it should have been '.*'.
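
The patterns posted in this thread, run against constructed MAC addresses under Python's `re` semantics (an added example, not part of any post and not ClearPass code). The thread does not say which regex engine ClearPass uses, whether it matches substrings or whole strings, or in what format it stores the MAC, so both matching modes are shown; the sample addresses and the function names are assumptions made for illustration.

```python
import re

# Patterns quoted from posts 2, 8, 3 and 7 of this thread.
PATTERNS = {
    "post2 782BCB*": r"782BCB*",
    "post8 782BCB.*": r"782BCB.*",
    "post3": r"78-2b-cb-([0-9A-F]{2}-){2}([0-9A-F]{2})$",
    "post7 78:2b:cb:dx": r"^78[:-]?2[bB][:-]?[cC][bB][:-]?[dD][0-9a-fA-F]([:-]?[0-9a-fA-F]{2}){2}$",
}

# Constructed sample addresses (not real devices).
SAMPLES = [
    "78:2b:cb:d5:ac:3f",  # colon-separated, lower case
    "78-2B-CB-D5-AC-3F",  # hyphen-separated, upper case
    "78-2b-cb-D5-AC-3F",  # hyphen-separated, mixed case
    "782BCBD5AC3F",       # no separators, upper case
    "782bcbd5ac3f",       # no separators, lower case
    "782BC0000000",       # different OUI (78:2B:C0)
    "00782BCBD5AC",       # different OUI (00:78:2B); 782BCB appears mid-string
]

def matches(pattern: str, mac: str, whole: bool = False) -> bool:
    """True if pattern matches mac; whole=True requires the entire string to match."""
    fn = re.fullmatch if whole else re.search
    return fn(pattern, mac) is not None

def accepted(pattern: str, whole: bool = False) -> list[str]:
    """Sample addresses that the pattern would let through."""
    return [mac for mac in SAMPLES if matches(pattern, mac, whole)]

def report() -> str:
    """One line per pattern and matching mode, listing the accepted samples."""
    lines = []
    for name, pattern in PATTERNS.items():
        for whole in (False, True):
            mode = "whole-string" if whole else "substring"
            hits = ", ".join(accepted(pattern, whole)) or "(none)"
            lines.append(f"{name:<20} {mode:<13} {hits}")
    return "\n".join(lines)

if __name__ == "__main__":
    print(report())
```

Under substring matching the unanchored `782BCB*` and `782BCB.*` forms also accept addresses from other OUIs, while the `^...$` anchored patterns from post 7 accept only the intended prefix in any separator and case style.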