Security

last person joined: 23 hours ago 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

Guest: username & password

This thread has been viewed 14 times

  • 1.  Guest: username & password

    Posted Mar 24, 2020 07:46 AM

    I know this is not what ClearPass guest was designed to do, but I have received new direction as management did not support the self-registration approach.

     

    The decision from management is to create a single username and common password to be used by all.  I know this is very simple to create in CPPM and can set the amount of device to 0 (infinite).   I know this has an impact on reporting and auditing capabilities.

     

    While I have tested this with about 4 people without issues.  We can have up to 1000 'connections' at the same time globally. 

     

    My question is if CPPM supports this approach as I like the central administration approach as today we run Captive Portal locally on each controller.

     

    thanks



  • 2.  RE: Guest: username & password

    EMPLOYEE
    Posted Mar 24, 2020 09:03 AM

    Could you elaborate more in detail on your question in CPPM? We can create a account and set no expiry with no user limit and share same user details to all guest users.



  • 3.  RE: Guest: username & password

    Posted Mar 24, 2020 10:40 AM

    Hi Pavan,

     

    Yes, I think you have outlined my requirements very well - single username/password i.e. guest@scoobydoo.com to be used by all the guests who require internet access when visiting our sites. 

     

    thanks

     

     



  • 4.  RE: Guest: username & password
    Best Answer

    EMPLOYEE
    Posted Mar 25, 2020 01:33 AM

    Hi,

     

    Yes you can use the same guest account on ClearPass with unlimited number of devices. but the username here doesn't bring any value any more. You might be better off using Clearpass Guest login with access code. Check this old access code PDF (trick is to require username only for authentication which is the access code )https://community.arubanetworks.com/aruba/attachments/aruba/aaa-nac-guest-access-byod/13298/1/Access_Code_Logins.pdf



  • 5.  RE: Guest: username & password

    Posted Mar 26, 2020 06:40 AM

    Thanks - I have made the suggestion just to use the Access Code method and this was accepted (for the time being at least).



  • 6.  RE: Guest: username & password

    EMPLOYEE
    Posted Mar 25, 2020 06:33 AM

    As mentioned before, there should not be an issue in functionality.

     

    When moving from decentralized to centralized, make sure your ClearPass is sized and licensed correctly to handle the traffic for all the sites. But if self-registration with ClearPass worked well perfomance-wise, moving to pre-configured accounts should not be an issue as that puts even lower load on the ClearPass.