Security

Hello Guys,

 

Could someone explain to me how IAP VC authenticate users to the AD database with ClearPass server? My understanding is that particular SSID is configured to use authenticate the server. That RADIUS server is a ClearPass server. Is clear pass talking to the AD server then user is trying to access the network or actually IAP VC? On the AD server to i need to allow as a RADIUS client only ClearPass server or all IAP VC?

 

Cheers,

Myky

ClearPass talks to your domain controllers. Your IAPs talk to ClearPass.

ok good and thanks. So ClearPass is asking to authenticate a particular user and providing credentials (username/password) to the ADs where IAP VCs are only sending it to the ClearPass?

You only need ClearPass to talk to AD
https://community.arubanetworks.com/t5/AAA-NAC-Guest-Access-BYOD/What-are-the-ports-that-need-to-be-opened-on-the-network/ta-p/175872

On IAP side you need to assign an IP address to the VC per cluster and enable dynamic radius proxy and that should be use as your RADIUS client that needs to talk to ClearPass

Get Outlook for iOS

Thanks all Guys