Security

last person joined: yesterday 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

Mobile SIM enforcement policy and authentication

This thread has been viewed 0 times

  • 1.  Mobile SIM enforcement policy and authentication

    Posted Jul 23, 2020 11:56 PM

    Hi,

     

    I need to identify mobile's SIM to be able to assing a specific static IP to each mobile pone. 

     

    The Radius:IETF:calling-Station-Id attribute shows me the pone number, so, I can use a Radius attribute to créate a policy enforcement?.

     

    The End-Host-Identifier attribute that appears in the Access tracker, which also desplays the SIM pone number, could correspond to some attribute in the enforcement policy?



  • 2.  RE: Mobile SIM enforcement policy and authentication

    MVP EXPERT
    Posted Jul 24, 2020 11:06 AM

    The Calling-Station-Id should be the station MAC address.



  • 3.  RE: Mobile SIM enforcement policy and authentication

    Posted Jul 25, 2020 01:32 AM

    Hi timms, thanks.

     

    I also thought it would be like this but in the 3G mobile connection the MAC of the mobile terminal/phone doesn't appear and teh calling-station-id is the incoming phone number. That's coulb be fine but I think that the format should not be as expected (it is not a MAC is a phone number) and doesn't appear in the local endpoint repository and therefore I cannot create a condition with this attribute in the enforcement policy.



  • 4.  RE: Mobile SIM enforcement policy and authentication

    MVP EXPERT
    Posted Jul 25, 2020 12:17 PM
    Where is the request coming from? CPPM does not support SIM-based EAP termination.


  • 5.  RE: Mobile SIM enforcement policy and authentication

    Posted Jul 26, 2020 01:30 AM

    hi,

     

    I have attached that I see from radius request.