Security

last person joined: 23 hours ago 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

How to Authenticate Read-Only/Guest Users with IAP and CPPM

This thread has been viewed 4 times

  • 1.  How to Authenticate Read-Only/Guest Users with IAP and CPPM

    Posted Apr 13, 2017 11:41 AM

    Hi, I know that there is the following document but this does not say what is needed to get this to work.

     

    http://community.arubanetworks.com/t5/AAA-NAC-Guest-Access-BYOD/How-to-authenticate-IAP-admin-user-against-CPPM-over-TACACS/ta-p/192931

     

    I have tried different privledge levels coming back from CPPM but I either get denied access or full access. I can't seem to find the sweet spot in betwee.

     

    I am using IAP Version 6.4.4.8-4.2.4.5

    and Clear Pass Version: 6.6.3



  • 2.  RE: How to Authenticate Read-Only/Guest Users with IAP and CPPM

    Posted Apr 13, 2017 11:49 AM
    Why are you trying to give guess users mgmt access to the IAP ?



    Get Outlook for iOS


  • 3.  RE: How to Authenticate Read-Only/Guest Users with IAP and CPPM

    Posted Apr 13, 2017 11:52 AM

    I want to give access to our local IT Technitions to the portal to help with troubleshooting. They do not need full admin access.



  • 4.  RE: How to Authenticate Read-Only/Guest Users with IAP and CPPM

    Posted Apr 13, 2017 12:12 PM
    Did you tried using the following TACACs profile = Aruba TACACS read-only Access


  • 5.  RE: How to Authenticate Read-Only/Guest Users with IAP and CPPM

    Posted Apr 13, 2017 12:14 PM

    Yes, that seems to give full access so that may work with the controllers but does not seem to work on my IAP's.

     

    That policy also seems to have a Privledge level of 15. Maybe someone changed it from the default but that is what our system has. I tried making that 0 but I seemed to get the same result.