Security

Reply
Highlighted
Regular Contributor II

ClearPass admin login - via external RADIUS server

I just want to make sure I'm clear and up to date on this - is TACACS+ and local users the only option for admin user login to CPPM boxes? I have read that this is the case but the info was a few years old.

 

We have an external RADIUS server which we use for management logins to our general network equipment so it would be ideal to use this for admin login to CPPM if possible.

 

Highlighted
Contributor II

Re: ClearPass admin login - via external RADIUS server

I have the same issue you do. First they tell me to use SAML SSO for admin log in but that causes issues as our clearpass server doing management log in doesn't share same certs and has to rely on other parts of the infrastructure. If oyu use TACACS+ you can only specify 1 IP address which breaks redundancy since my 3 Clearpass for management accounts are in different subnets. This futhure puts more reliance on other parts of our network for something that needs to run independant of failures of things on the network.

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: