Security

last person joined: yesterday 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

ClearPass using Google+Okta as user database

This thread has been viewed 56 times

  • 1.  ClearPass using Google+Okta as user database

    Posted Aug 15, 2019 11:29 AM

    We use the Google plataform (GCP) as our user database and Okta to authenticate the access to all applications. 

     

    I know ClearPass has an integration with Okta, but it's not clear to me if we can use the Okta as an Authentication Source for 802.1X to access the network. 

     

    Anyone has any idea or thoughts about it? 



  • 2.  RE: ClearPass using Google+Okta as user database

    EMPLOYEE


  • 3.  RE: ClearPass using Google+Okta as user database

    Posted Aug 15, 2019 12:15 PM

    I saw this document, but this is using OnBoard. 

    Do I need to have the OnBoard to make it work, or can I just add the Okta Auth Source in a RADIUS service using EAP-PEAP on the controller? 



  • 4.  RE: ClearPass using Google+Okta as user database
    Best Answer

    EMPLOYEE
    Posted Aug 15, 2019 02:32 PM

    Legacy authentication methods are not possible with cloud identity stores.



  • 5.  RE: ClearPass using Google+Okta as user database

    Posted Dec 06, 2019 02:33 PM

    Hi Tim,

     

    And is possible to use SAML and EAP-TLS authentication? 



  • 6.  RE: ClearPass using Google+Okta as user database

    EMPLOYEE
    Posted Dec 08, 2019 12:42 PM

    SAML is used for pre-auth for certificate issuance. Follow the ClearPass Configuration Guide for Onboard and Cloud Identity Providers. It's covered step by step.



  • 7.  RE: ClearPass using Google+Okta as user database

    Posted Jan 13, 2021 06:45 AM
    After the certificate is issued and the network profile is installed on the device. The device is ready to perform EAP-TLS authentication.
    Which Authentication Source should we use for the Clearpass service?


    Original Message


  • 8.  RE: ClearPass using Google+Okta as user database

    MVP EXPERT
    Posted Jan 13, 2021 11:07 AM
    As answered in your other thread, you don't set an Authentication Source.

    ------------------------------
    Tim C
    ------------------------------

    Original Message


  • 9.  RE: ClearPass using Google+Okta as user database

    Posted Jan 23, 2021 08:39 AM
    Hi,

    Just posted this in the older thread before looking at the date, so not sure if you will see it, but the document link is leading to the old Support Portal, is it available anywhere else (couldn't locate it in the new ASP)? Thanks.

    ------------------------------
    [NesaM - ACMP|ACCP|ACDP]
    ------------------------------

    Original Message


  • 10.  RE: ClearPass using Google+Okta as user database

    EMPLOYEE
    Posted Jan 25, 2021 04:06 AM
    All most recent versions of documentation for ClearPass are listed on https://www.arubanetworks.com/clearpassdocs.

    ------------------------------
    Herman Robers
    ------------------------
    If you have urgent issues, always contact your Aruba partner, distributor, or Aruba TAC Support. Check https://www.arubanetworks.com/support-services/contact-support/ for how to contact Aruba TAC. Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.
    ------------------------------

    Original Message


  • 11.  RE: ClearPass using Google+Okta as user database

    Posted Jan 28, 2021 04:23 PM
    Thanks Herman.

    ------------------------------
    [NesaM - ACMP|ACCP|ACDP]
    ------------------------------

    Original Message


  • 12.  RE: ClearPass using Google+Okta as user database

    Posted Jan 26, 2021 05:05 PM
    Nobody seems to be mentioning this but I think that Okta has a RADIUS agent that you can run on-prem and send RADIUS to it. I've never done this myself but I remember reading about the agent and thinking that this should be possible.

    i.e. NAD --> CPPM --> Okta RADIUS Agent --> Okta Cloud
    Original Message


  • 13.  RE: ClearPass using Google+Okta as user database

    MVP EXPERT
    Posted Jan 26, 2021 05:09 PM
    It is not supported for this use.

    ------------------------------
    Tim C
    ------------------------------

    Original Message