Security

last person joined: 23 hours ago 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

IP addresses in RADIUS or HTTPS certificates? (CPPM)

This thread has been viewed 0 times

  • 1.  IP addresses in RADIUS or HTTPS certificates? (CPPM)

    Posted Nov 17, 2015 03:20 PM

    Hi all,

     

    It seems that a good practise is to have IP addresses of the data and management ports in the RADIUS and/or HTTPS certificate in ClearPass together with DNS names. What is the reasoning behind this? If DNS names of the interfaces are as CN and SAN on the certificate, what would be use case for the IP addresses?

    This might be relevant topic for smaller deployments where a client does not want to pay any extra from SAN fields on a certificate.



  • 2.  RE: IP addresses in RADIUS or HTTPS certificates? (CPPM)
    Best Answer

    EMPLOYEE
    Posted Nov 17, 2015 04:35 PM
    The only time you need to put the IP in the SAN field is if you are redirecting by IP instead of FQDN