Security

last person joined: 22 hours ago 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

Clearpass not updating domain event viewer

This thread has been viewed 1 times

  • 1.  Clearpass not updating domain event viewer

    Posted Feb 09, 2019 03:04 PM
    Hi,

    I have a remote access solution using a 7210 mobility controller, users on the VIA software and Clearpass to control it all.

    Every time a user successfully logs in, a role is assigned by Clearpass and the users accesses the network under the relevant IP address according to this role on the controller.

    My only issue; when this whole process happens - Clearpass does not inform our domain controllers of the users new IP address. This wouldn’t be a problem; but our firewalls look to the domain controllers for the users latest IP address.

    Is there a way I can tell Clearpass to update the domain controller with the IP address that the new users are assigned?

    Thanks


  • 2.  RE: Clearpass not updating domain event viewer

    EMPLOYEE
    Posted Feb 09, 2019 04:04 PM
    ClearPass uses it as an authentication source. It is not part of a client to DC flow so this is not possible.

    What kind of firewall do you have?


  • 3.  RE: Clearpass not updating domain event viewer

    Posted Feb 09, 2019 04:41 PM
    Using Cisco Firepower appliance with identity awareness enabled.

    It essentially talks to our DCs to see what IP address the users are on to give them access. However at the moment I can’t see a way to inform the firewall of the new IP address Clearpass / controllers have given them.

    Any thoughts on a way around this?

    Thanks