Security

last person joined: yesterday 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

Integration of Clearpass with VPN clients in Watchguard Firewall

This thread has been viewed 6 times

  • 1.  Integration of Clearpass with VPN clients in Watchguard Firewall

    Posted Oct 11, 2018 03:17 PM

    Hi,
    It is possible that customers who connect by VPN from their laptops, etc. and authenticate in the Firewall go through a second authentication that is Clearpass and assign Roles? that is to say that they authenticate first with the Firewall and later with Clearpass, perhaps with a local user database where the VPN users reside. I hope you can support me.
    Thank you.



  • 2.  RE: Integration of Clearpass with VPN clients in Watchguard Firewall
    Best Answer

    Posted Oct 16, 2018 09:41 PM

    Generallty speaking we did try to engage with WG about 2.5-years back but they lacked motivation to work with us. Specific to your VPN query, anything is possible but VPN creates additional hurldes due to it being a L3 connection and CPPM 'typically' wanting to see a endpoint mac-address in the auth. We can authN VPN but there can be some challanges especially if we need to trigger a post-auth action, i.e. update the firewall with some API call.