Security

last person joined: yesterday 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

PulseSecure VPN and ClearPass OnGuard

This thread has been viewed 10 times

  • 1.  PulseSecure VPN and ClearPass OnGuard

    Posted Sep 22, 2020 01:46 AM

    Hello,

    We have a PulseSecure SSL VPN for all our employees and ClearPass OnGuard also in place. Can we use ClearPass OnGuard for Posture assessment in place of PulseSecure health checks?

     

    Allow only healthy clients for network access over a VPN.

     

    Did anyone test this? Can you provide configuration details?

     

    Thanks,

    Yugandhar.



  • 2.  RE: PulseSecure VPN and ClearPass OnGuard

    EMPLOYEE
    Posted Sep 22, 2020 02:34 PM

    Hi,

     

    I assume, you are planning to use OnGuard for health check along with PulseSecure VPN connection. 

     

    This would be possible if the below prerequisites are met,

    • the ClearPass OnGuard Mode should be set to "Authenticate with health checks"
    • same username**(credentials) used to connect PulseSecure should be used for OnGuard agent authentication
    • VPN auth should also be sent to the ClearPass server
    • ClearPass uses the auth username to match the health-check/WebAuth and VPN authentications, and can trigger Radius CoA to change the client policy after the health-check. So, see if PulseSecure supports this flow.