Security

Hey All,

I just downloaded the evaluation version of clearpass to have a trial with.

I was looking at replacing our current windows radius server and cisco ACS server with Clearpass.

Is there a "how to guide" to explain how to set up a basic clear pass setup for authenicating Cisco end points (switches and routers) with radius and tacacs?

Thanks :)

There are a number of documents on this page...http://support.arubanetworks.com/DOCUMENTATION/tabid/77/DMXModule/512/Default.aspx?EntryId=7961

Attaching some documents for your reference. there are lot more from support portal as colin mentioned above.

Attachment(s)

TACACS+serviceConfig.pdf   266 KB 1 version

Aruba Wireless and ClearPass 6 Integration Guide v1.2.pdf   3.12 MB 1 version

Cisco Switch Setup with CPPM-v1.2.pdf   1.05 MB 1 version

Hey Guys,

thanks for this!  I will go through the documentation today and try and figure it out :)

Thanks again,

Alan

Alan,

I cannot speak to the RADIUS portion of the implementation, but I've just overcome all the hurdles

of implementing AAA/TACACS to Cisco Switches/Routers during a pilot to replace ACS.

We're using Active Directory as the Authentication/Authorization source with multiple AD Admin-Groups

and multiple Device Groups spread over about ten distinct business units covering  ~160 sites in the U.S.

and Canada.

I would be happy to share some of my hard won knowledge.

Vince

good win!

I've been having a play with it in VMWARE workstation and GNS3 (to authenticate a router)

I just got it working with a local account, but we will require AD user authentication as well :)

Any information you can share will be useful :) 

Did you not have a need for radius to authenticate non tacacs supported devices?

Many Thanks!!!

/Alan

Well you will need to:

Setup your AD as an Authentication source.  The documentation should tell you how.

@VTWATKINS

I would be interested in this formation too.

Is it possible to get a copy? 

Hi VTWATKINS

Would you mind sharing that information please? I'm looking at the same solution TACACS+ with Cisco/Juniper switches.

slete@bdo.ca

@VTWATKINS -- Could I get a copy as well?

I am working on  same task right now. but my boss ask me to configure clearpass with radius for network devices access.

just want to know which document can guide me to finish it.

thank you everyone in advance !

Vince

I would be interested in seeing some of your hard won knowledge on this as I'm struggling to get it even close to working.

Thanks

Jon

---

@vjwatkins wrote:

Alan,

 

I cannot speak to the RADIUS portion of the implementation, but I've just overcome all the hurdles

of implementing AAA/TACACS to Cisco Switches/Routers during a pilot to replace ACS.

 

We're using Active Directory as the Authentication/Authorization source with multiple AD Admin-Groups

and multiple Device Groups spread over about ten distinct business units covering  ~160 sites in the U.S.

and Canada.

 

I would be happy to share some of my hard won knowledge.

 

Vince

---