Security

last person joined: yesterday 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

Filter the Framed IP Address

This thread has been viewed 2 times

  • 1.  Filter the Framed IP Address

    Posted Dec 05, 2016 04:22 PM

    Hi,

     

     Is there a way to filter the "Framed IP Address"?? I need to give access to a user IP or IP range but don't get into the attribute to use the client IP.



  • 2.  RE: Filter the Framed IP Address

    EMPLOYEE
    Posted Dec 05, 2016 04:26 PM
    What authentication method is in use?


  • 3.  RE: Filter the Framed IP Address

    Posted Dec 05, 2016 04:40 PM

    802.1X



  • 4.  RE: Filter the Framed IP Address

    EMPLOYEE
    Posted Dec 05, 2016 04:44 PM
    You won't be able to use the client's IP in an 802.1X policy decision as 802.1X occurs at L2 before an IP address is issued to the client.


  • 5.  RE: Filter the Framed IP Address

    Posted Dec 05, 2016 05:11 PM

    So, in wich scenario can I use the IP address?

     

    Can I create a new attribute and use this IP to update it?



  • 6.  RE: Filter the Framed IP Address

    EMPLOYEE
    Posted Dec 05, 2016 05:13 PM
    You can only leverage the client's IP during a web auth or VPN authentication.


  • 7.  RE: Filter the Framed IP Address

    Posted Dec 05, 2016 05:18 PM

    How can I set the service to filter the IP address on a web auth?



  • 8.  RE: Filter the Framed IP Address

    EMPLOYEE
    Posted Dec 05, 2016 05:23 PM
    Can you please explain your authentication sequence, workflow and expected outcomes?


  • 9.  RE: Filter the Framed IP Address

    Posted Dec 05, 2016 05:26 PM

    I need to use 802.1X or CaptivePortal auth, due to the users use a static IP address, the idea is to give access just to a range of IP addresses.