Security

Reply
Occasional Contributor II

OnGuard with MAC Auth Service

I am hoping this is an easy one, but I couldn't find any documentation on this. Can posture tokens be used to determine enforcement during a MAC authentication? I have OnGuard configured and it is reporting HEALTHY tokens back to CPPM on the WebAuth OnGuard service, but when that same client hits the MAC auth, their posture is showing as UNKNOWN. I do have the box checked in the enforcement policy to use cached roles and attributes. 

Ted Randall
ACMX #582
ACCP
Aruba Employee

Re: OnGuard with MAC Auth Service

It definitely works. I just tested this in my lab for a wireless MAC Auth.

 

The Enforcment Policy to use is Tips:Posture EQUALS HEALTHY --> Assign a role.

 

You can also use a COA where you send a role instead of a disconnect in the WEBAUTH itself which is a much better flow and user experience.

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: