Aruba ClearPass Workshop (2021) - AOS-CX Wired #1 Wired 802.1X
Ғылым және технология
Now we have 802.1X network authentication working for wireless, we will configure the same for the Wired network and re-use most of the work we did for WLAN authentication already.
On my AOS-CX switch, 10.7 is deployed, it is just L2 and has 1/1/1 as uplink:
VLAN10 (Management)
VLAN11 (Corporate)
VLAN12 (Voice)
VLAN13 (Guest)
VLAN14 (Untrusted)
Port 1/1/3 is connected to my wired Windows 10 client.
Workshop video overview, schedule, and discussion can be found on the Airheads Community: community.arubanetworks.com/c...
⏰Timestamps:
00:00 Intro
00:30 Wired Policy Enforcement Solution Guide
01:10 Switch overview
02:02 Switch configuration
03:10 Windows 10 client configuration
04:48 ClearPass configuration
07:02 Successful authentication
Пікірлер: 9
Hi Herman, Thank you for making this video
Great video. You should add the client IP tracker option on the switch too so you can see the clients IP address.
@hermanrobers
2 жыл бұрын
Correct, will do that in next week's video. Tried to keep it simple small steps. Forgot to add definitions for the CoA servers as well, just enabled CoA, so that doesn't work either; also fixed in next week's video.
Hello all - are there any videos on setting up Cisco switches with ARuba Clearpass?
@hermanrobers
Жыл бұрын
I don't have a video, but there is an excellent guide 'Wired Policy Enforcement' available from the ClearPass documentation at www.arubanetworks.com/techdocs/ArubaDocPortal/content/cp-resources/cp-tech-notes.htm
can we authenticate against local database for 8021x and SSH ? I heard no for 1x, but no fall back option if remote is unreachable?
@hermanrobers
2 жыл бұрын
I have not seen local 802.1X RADIUS services on CX, and you probably don't want that either for security reasons. For admin access, you can have a fallback to local authentication, in case RADIUS/TACACS is not responding (or unaccessible due to faulty change in the network).
ClearPass new version 6.9.10 auto backup export to external server with NFS protocol. I have allowed firewall end permission but backup still not export to external server External several Teams want to confirmation external server NFS client or server install.
@hermanrobers
2 жыл бұрын
I would check the firewall if there is traffic blocked. I believe NFS is using dynamic port assignments, so you may need to open all ports UDP+TCP to your NFS server. Could also be a configuration issue on your NFS server. If you can't find anything in the firewall logs and your NFS server logs, Aruba TAC may help to check in the (debug) logs on ClearPass if there are indications of what is blocking proper functioning. Or check on the Aruba Airheads community: community.arubanetworks.com/community-home?CommunityKey=2477474f-de43-4598-a465-c179d41fdd0b