Hello everyone
I got this scenario
1 Clearpass in office
1 Future Clearpass on a data center
Current situation
Clearpass authenticating 802.1x EAP TLS Wireless
Clearpass Authenticating 802.1x EAP TLS wired
Clearpass Authenticating TACACS+
Clearpass for Guest
Administration with a single IP
IF the clearpass were in the same site in which i could use a VIP putting a publisher subcriber there would not be issue.
BUT those sites are separate using layer 3 so i Guess i cannot use VIP
I see the fallowing:
Clearpass authenticating 802.1x EAP TLS Wireless
Here i can declare 2 radius servers on the NADS(no isuee i guess)
Clearpass Authenticating 802.1x EAP TLS wired
Here i can declare 2 radius servers on the NADS(no isuee i guess)
Clearpass Authenticating TACACS+
Here i can declare 2 radius servers on the NADS(no isuee i guess)
Clearpass for Guest
I see an issue here because the controller is just pointing i to one URL(we need the VIP here i bealive)
What can i do? i need both clearpass to be on the same subnet to create it.
Administration with a single IP
The client wanted one IP to do their administration(guess is not possible) We would need to use 2 administrations IPS (if the publisher fails for too long and it subcriber convert to the publisher)
What would be the best way to attack this scenario? Any advices that you have done?