Security

Reply
Super Contributor I

ClearPass Policy Manager Profiling

Hello. I have my controller arubaOS 6.1 and ClearPass Policy Manager 6.2 with Profiling. When user login in the ssid with 802.1x. ClearPass Profiling not device categorized. I have available dhcp fingerprinter in the controller?

 

The controller device categorized ipad. Attachment imagen.

 

Thanks

Guru Elite

Re: ClearPass Policy Manager Profiling

Are you forwarding DHCP traffic of your clients to the ClearPass Policy Manager using a helper address?

 


*Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.*
ArubaOS 8.3 User Guide
InstantOS 8.3 User Guide
Airheads Knowledgebase
Airheads Learning Videos
Super Contributor I

Re: ClearPass Policy Manager Profiling

Not, as acive?

Super Contributor I

Re: ClearPass Policy Manager Profiling

Not, as active?

Guru Elite

Re: ClearPass Policy Manager Profiling

You should add a helper address pointing to the ClearPass server(s) to each
subnet where you would like profiling to occur.

| Tim Cappalli | Aruba Security | @timcappalli | timcappalli.me |

NOTE: Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba or Hewlett Packard Enterprise.
Super Contributor I

Re: ClearPass Policy Manager Profiling

where this option is available?

Guru Elite

Re: ClearPass Policy Manager Profiling

You need to do it on the router interface (SVI / RVI) for the user subnet.

 

In most deployments this is on an upstream device. 

 

    interface vlan 100

        ip helper-address <clearpass server>

 

 


| Tim Cappalli | Aruba Security | @timcappalli | timcappalli.me |

NOTE: Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba or Hewlett Packard Enterprise.
Super Contributor I

Re: ClearPass Policy Manager Profiling

Excellent. The option is correct.

 

Super Contributor I

Re: ClearPass Policy Manager Profiling

the ip helper-address what protocol our port use?.

 

Guru Elite

Re: ClearPass Policy Manager Profiling

ClearPass reads the DHCP discover packet.

 

[CLIENT]  UDP 0.0.0.0:68 -> 255.255.255.255:67 --> [ROUTER] UNICAST RELAY


| Tim Cappalli | Aruba Security | @timcappalli | timcappalli.me |

NOTE: Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba or Hewlett Packard Enterprise.
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: