Hi all,
It seems that a good practise is to have IP addresses of the data and management ports in the RADIUS and/or HTTPS certificate in ClearPass together with DNS names. What is the reasoning behind this? If DNS names of the interfaces are as CN and SAN on the certificate, what would be use case for the IP addresses?
This might be relevant topic for smaller deployments where a client does not want to pay any extra from SAN fields on a certificate.