Security

Reply
Highlighted
New Contributor

Clearpass onboard

Hi All,

I have one requirement for which I need understand the following points.

  • If I have to install Onboarding as add on feature over CPPM , I have to install guest license or without guest license onboarding will function.

Let me explain the scenario well.

The client will switch onto clearpass policy manager.  They want to create separate network for their contractors and they will bring own devices. The users will be defined in the clear pass not to be in AD. They want to deploy the network with weblogin rather then 802.1x. They decided to go with wired as well as wireless.But the user restriction will be based on the groups and that will be enforced in the form dacl or dynamic vlan. They prefer the latter option. The sponsor will raise request for the contractor access.

  1. In this case what would be the best combination.
  2. What features should be deployed. like onboard , onguard.
  3. How certificate will deployed, is it a good idea for contractor network.

please suggest.


Accepted Solutions
Highlighted

Re: Clearpass onboard


som24roy@gmail.com wrote:

I just need to understand that my requirement of creation of contractor network with the following requirement can be fufilled with CPPM.

1. Web login

2. Dynamic vlan or dynamic ACL

3. Access on wired and wireless media

 

 

Regards

Somnath


Yes, your requirement can be achieved with CPPM Access license.


Thank you,
Saravanan

**Did something you read in the Community solve a problem for you? If so, click "Accept as Solution" in the post.
NOTE: Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba or Hewlett Packard Enterprise.

View solution in original post

Highlighted

Re: Clearpass onboard

Your requirements will work with CPPM.

 

 

I would recommend referring ClearPass-Solution-Guide-Wired-Policy-Enforcement for Cisco wired implementaiton.

 


Thank you,
Saravanan

**Did something you read in the Community solve a problem for you? If so, click "Accept as Solution" in the post.
NOTE: Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba or Hewlett Packard Enterprise.

View solution in original post


All Replies
Highlighted
Moderator

Re: Clearpass onboard

Onboard is for certificate enrollment.

You do not need any licenses outside of Access to handle your workflow. No client certificates are used for your workflow.


If this response is more than 1 year old, it may no longer be accurate. Please consult official Aruba documentation, TAC or your Aruba SE.

| Aruba Alumni | @timcappalli | timcappalli.me |

Highlighted
New Contributor

Re: Clearpass onboard

I just need to understand that my requirement of creation of contractor network with the following requirement can be fufilled with CPPM.

1. Web login

2. Dynamic vlan or dynamic ACL

3. Access on wired and wireless media

 

 

Regards

Somnath

Highlighted

Re: Clearpass onboard


som24roy@gmail.com wrote:

I just need to understand that my requirement of creation of contractor network with the following requirement can be fufilled with CPPM.

1. Web login

2. Dynamic vlan or dynamic ACL

3. Access on wired and wireless media

 

 

Regards

Somnath


Yes, your requirement can be achieved with CPPM Access license.


Thank you,
Saravanan

**Did something you read in the Community solve a problem for you? If so, click "Accept as Solution" in the post.
NOTE: Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba or Hewlett Packard Enterprise.

View solution in original post

New Contributor

Re: Clearpass onboard

One more point I just need put forward.

Here is the flow.

Sponsor will request access for the contractor-> The request will provisioned and user created in CPPM-> The user id and pwd shared to the contractor-> They will be redirected and login with web-portal-> The CPPM will RFC communication to Juniper/Cisco devices for new vlan assignment(wired) and for wifi they should be mapped to the correct flexconnect local vlan-> They will be assigned new IP address.-> access to the partner.

Is this entire thing will work with CPPM. Do I need anything else

Highlighted

Re: Clearpass onboard

Your requirements will work with CPPM.

 

 

I would recommend referring ClearPass-Solution-Guide-Wired-Policy-Enforcement for Cisco wired implementaiton.

 


Thank you,
Saravanan

**Did something you read in the Community solve a problem for you? If so, click "Accept as Solution" in the post.
NOTE: Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba or Hewlett Packard Enterprise.

View solution in original post

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: