Frequent Contributor II

ClearPass Policies On Remote Connecting Users

another vendor is offering NAC Solution  , They can enfornce NAC policies  for remote connecting SSLVPN users becaue they can offer SSLVPN access on the same HW of NAC

I wanted to get equivalent from Aruba ,  it is ClearPass as NAC solution .... but since there is no remote  SSLVPN access @ aruba i wanted to check how to enforce clearpass policies on remote connected usres wwhoc connected to Firewall through  dynamic remote VPN ?  Can i force them to pass through Conrtoller & let controller act as FW to apply Clearpass policies ? because as i understand the controller acts as FW for wireless users , not for wired coming from normal Cisco switches



Re: ClearPass Policies On Remote Connecting Users

Aruba offers VIA as a VPN option; IPsec with failback to HTTPS.  With this you can terminate clients on the controllers and utilize your existing roles and policies.   Otherwise, you can use ClearPass to authenticate the users of the other SSL solution.   ClearPass can authenticate and authorize them; and depending on what SSL solution send back appropriate attributes for the solution to apply roles, etc.   However you cannot use the controller's roles/policies in this case.  


If you are open to sharing the other solution, we can try and help with more specific options.

Systems Engineer, Northeast USA

Search Airheads
Showing results for 
Search instead for 
Did you mean: