Hello all;
Using Clearpass 6.7 against Active Directory.
I am working on a request to provide static IP addresses to a number of VPN users that need to be added to vendor whitelists for various reasons. My first thought was to use the "static IP" field in the dialin tab exposed in AD, but unfortunately that address is stored internally as a 32 bit integer and Clearpass requires a dotted quad.
My new plan is to use one of the AD extension attributes instead, and write a quick and dirty wrapper for the helpdesk to use. But before I do that, I was just curious if anyone else come up with a better solution?
I've also considered applying a common user role with a NAT firewall rule, but I'm not fond of having a shared IP floating around the network.