Security

last person joined: 20 hours ago 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

Clearpass routing

This thread has been viewed 10 times

  • 1.  Clearpass routing

    Posted Dec 09, 2016 03:50 PM

    Hello

    Im using data and managment interface

    I need to get the updates from managment interface

     

    I though it used the managment interface for the update but it doesnt...

    I see that i can configure a route for that but i guess it just accept ips.. but not domains...

    i need to get updates from http://clearpass.arubanetworks.com

    i guessi could put the ip that resolve but if it changes it wont get any updates....

     

    Any help

    Or the only way is using the data port?

     

    Cheers

    Carlos



  • 2.  RE: Clearpass routing

    EMPLOYEE
    Posted Dec 11, 2016 05:15 AM

    You will need to create a management route to pull updates over the management interface, as the default route will go out of the data port (when enabled).

    Check the ClearPass Services Routing Technote for the details: https://support.arubanetworks.com/Documentation/tabid/77/DMXModule/512/EntryId/7961/Default.aspx

     .. and yes that route is for IP only. The IP for clearpass.arubanetworks.com seems pretty stable though.



  • 3.  RE: Clearpass routing

    Posted Dec 11, 2016 03:07 PM
    So its not possible to add the domain as the destination?.
    So my optios are
    1 use the ip as destination but knowing it can change if i want to use the managment port
    2 use the data port for this uodates

    Therw is no other option