Security

Hello

When you got a Clearpass in which we will use both ports.

If i got firewalls what ports do i need to open to it like this?

From clearpass  management ip to internet

http://clearpass.arubanetworks.com  port 80 and 443 to this website

From clearpass managment ip to the email relay

Mail - generally TCP 25 or 465.

From the controllers in general to  the data port ip

ClearPass Policy Manager/Guest Port Service

3799 For RFC 3576 to work.

1812 RADIUS1813

RADIUS Accounting Server

80 HTTP

443 HTTPS

From the guest user vlan to clearpass

port 80

port 443

I am correct? im missing something?

Both ports(managment and data port  are behind firewalls.  So i need to be clear this part.

Also we are just using clearpass guest.

Cheers

Carlos

Hi Carlos,

That looks like a good start. There are quite a few more port mentioned on the following post relating to NTP, database sync between CPPMs etc..

https://community.arubanetworks.com/t5/AAA-NAC-Guest-Access-BYOD/What-are-the-ports-that-need-to-be-opened-on-the-network/ta-p/175872

Cheers

James

I mised the NTP port thanks

That NTP would be a port i need to open to the administration port of the clerapass right?

We do not have a cluster of clearpass so i dont think i would need database sync between cppms

So in my post the ports are correct? i mean all those ports i mention i should open them but for the data port?

Cheers

Carlos

Looks good. 

You'd also need DNS. :)