Security

last person joined: yesterday 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

End point profiling doesn't work on Clear pass

This thread has been viewed 5 times

  • 1.  End point profiling doesn't work on Clear pass

    Posted Aug 06, 2013 06:19 AM

    Hi All,

    We are  configuring Aruba clearpass for Mac bypass authentication for ip phones, but this doesnt work because the end point respository shows the phones as not profiled. In the network switch we have configured ip helper address as aruba clear pass and required radius parameters are provided for MAB authentication. 

     

    To my understanding  DHCP should act as a collector and automatically profile the ip phones , let me know if any parameters need to be specified.

    should we have dhcp snooping or snmp configured for profiling to work correctly?

     

    I have read through docs but unable to get a proper answer.

     

     

    Request inputs.

     



  • 2.  RE: End point profiling doesn't work on Clear pass

    Posted Aug 06, 2013 07:02 AM
    You need set the IP address of your clearpass server as one of ip helper address on that SVI.



  • 3.  RE: End point profiling doesn't work on Clear pass

    Posted Aug 06, 2013 07:13 AM

    We have configured clearpass ip address as the ip helper address, but the end point respository shows not profiled.

    Do we need to configure anything specific on clearpass  as well for getting the devices profiled.

    We are using 6.0 version.



  • 4.  RE: End point profiling doesn't work on Clear pass

    Posted Aug 06, 2013 07:17 AM

    Do you see anything in the endpoint profiler ?:

     



  • 5.  RE: End point profiling doesn't work on Clear pass

    Posted Aug 06, 2013 07:19 AM

     

    Also make sure you have it enabled 

    ClearPass Policy Manager - Aruba Networks_2013-08-06_07-18-43.png

    ClearPass Policy Manager - Aruba Networks_2013-08-06_07-18-14.png



  • 6.  RE: End point profiling doesn't work on Clear pass

    Posted Aug 06, 2013 08:34 PM
    Also ensure udp 67 (both src and dst ports) are allowed to clearpass.