Security

Reply
MVP Guru

Re: Post Session Restriction Profile - Real world use case

post-auth-check > action > disconnect and block access


Cheers
James
----------------------------------------------------------------------
--------------------------@whereisjrw--------------------------
---------------------------------blog-------------------------------
ACCX #540 | ACMX #353 | ACDX #216 | AMFX #11
----------------------------------------------------------------------
----------------------------------------------------------------------

If a reply adequately addresses your issue, please click on the "Accept as Solution" and "Give Kudos" button so this information can benefit other users via search.
Frequent Contributor II

Re: Post Session Restriction Profile - Real world use case

Blacklist user repository refers to Static host list? coz i did the same
thing but nothing is added SHL.
Frequent Contributor II

Re: Post Session Restriction Profile - Real world use case

Ok i see them under monitoring. Out of curiosity, i have also accessed Clearpass DB with pgadmin, and can see different tables, any idea which one corresponds to Black listed users?

 

So the workflow would be, to use BL as authz source, and when user is matched, either deny or push different role to him right?

MVP Guru

Re: Post Session Restriction Profile - Real world use case

In theory yes, that's how I see it working.


Cheers
James
----------------------------------------------------------------------
--------------------------@whereisjrw--------------------------
---------------------------------blog-------------------------------
ACCX #540 | ACMX #353 | ACDX #216 | AMFX #11
----------------------------------------------------------------------
----------------------------------------------------------------------

If a reply adequately addresses your issue, please click on the "Accept as Solution" and "Give Kudos" button so this information can benefit other users via search.
Frequent Contributor II

Re: Post Session Restriction Profile - Real world use case

Ok let me test this out tomorrow. 

 

Also if you or anyone can advise which table in public database corresponds to Black list users repository. Just asking out of curiosity. 

Frequent Contributor II

Re: Post Session Restriction Profile - Real world use case

Dear James, 

 

I added BL as authz source but couldnt use it in rolemapping or enforcement policy. I checked under sources and in my case (snap attached) its fields are empty. 

 

How to use BL user respository in Role mapping or Enforcement profile? its not available.

Frequent Contributor II

Re: Post Session Restriction Profile - Real world use case

Got it to work, attaching the snapshots of my BL authentication source and changes done to it, and also my enforcement profile.

 

Thanks James for all the help provided

Highlighted
MVP Guru

Re: Post Session Restriction Profile - Real world use case

That's great! Glad you got it working. :)


Cheers
James
----------------------------------------------------------------------
--------------------------@whereisjrw--------------------------
---------------------------------blog-------------------------------
ACCX #540 | ACMX #353 | ACDX #216 | AMFX #11
----------------------------------------------------------------------
----------------------------------------------------------------------

If a reply adequately addresses your issue, please click on the "Accept as Solution" and "Give Kudos" button so this information can benefit other users via search.
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: