Security

Reply
New Contributor

Clearpass with Fortinet Integration - Thoughts

Hi All,

 

We are currently thinking about moving to a full Aruba solution when it comes to our wireless infrastructure.  We currently use Fortinet as our Firewall.

 

Was just wondering if the community had any information or advice from people who currently have the same setup (ClearPass with Fortinet Firewall integration).  How does it work? Pros vs Cons?  What could be improved?  Overall are you satisfied with the amount of control you have?

 

We are all ears at this point so feel free to mention anything that could be helpful going forward.

 

Thanks!

Moderator

Re: Clearpass with Fortinet Integration - Thoughts

Tanner,

 

Today there is an existing TechNote I authored a couple of years back you can read on the support site. I'm currently working directly with Fortinet to bring a new API based integration out but I'm a few week out yet before this will likely be available.

 

Can you tell me what use-cases you have in mind for the CPPM/Forti-OS integration?


Best Regards
-d

ClearPass Product Manager

-- Found something helpful, important, or cool? Click the Kudos Star in a post.
-- Problem Solved? Click "Accept as Solution" in a post.
Contributor I

Re: Clearpass with Fortinet Integration - Thoughts

Hi Danny, I'm working on doing this same CCPM - Fortiauthenticator integration.  Were you able to come up with updated technote for this proceedure?  

Moderator

Re: Clearpass with Fortinet Integration - Thoughts

Alas, the API's I've had so far fall short of providing the functionality we need. I'm currently waiting for FortiOS 6.0 beta, hoping this will provide what we need. :-)


Best Regards
-d

ClearPass Product Manager

-- Found something helpful, important, or cool? Click the Kudos Star in a post.
-- Problem Solved? Click "Accept as Solution" in a post.
New Contributor

Re: Clearpass with Fortinet Integration - Thoughts

Hi Danny,
could you provide some details re. the functionality you need ?
We're currently looking at purchasing new firewall and have to decide between two brands one of which is Fortinet. We'd like a good integration between FW and CPPM.

Occasional Contributor I

Re: Clearpass with Fortinet Integration - Thoughts

I'm curious of the status of this post as FortiOS 6.0 is officially released. Also I'm Wondering has authored a Vendor VSA update for Fortinet devices since I'd like to send all admin login RADIUS requests directly to CPPM instead of FortiAuthenticator. FortigateOS doesn't have a place to set an RFC-3576 server setting for RADIUS Accounting so I can see why you do Some accouting via the FortiAuthenticator for logins, but I'd like to not have to go to FortiAuth and skip directly to CPPM. I'm hoping someone's done all the XML-Fu to create an update to the Fortigate VSA's....please?

 

Thank you

Contributor I

Re: Clearpass with Fortinet Integration - Thoughts

Hi Danny, have you guys had a chance to look into this since the relase of 6.0 (now 6.0.1)?  I'd love to get some integration working if possible, primarily we just need to pass the users login info and device address onto the firewall if possible.

 

Thanks for your time!

Occasional Contributor II

Re: Clearpass with Fortinet Integration - Thoughts

Any news from Aruba about this topic? Thx
Contributor I

Re: Clearpass with Fortinet Integration - Thoughts

You can add the Fortigate as an Accounting Proxy target, to the service.

Under Fortigate you set up "Radius SSO".

Works fine with my Fortigates.

 

What is not working for you?

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: