Install ClearPass on Proxmox

Since ClearPass version 6.6.2, we have support for KVM (Kernal-based Virtual Machine). In this post, I show how to install ClearPass on Proxmox. Proxmox runs KVM based virtual machines but unfortunately do not use the tools from the installation guide of ClearPass. Nevertheless, follow this post to get it running. Running ClearPass on Proxmox is … Read moreInstall ClearPass on Proxmox

How To use the ClearPass RestAPI

This article is all about the ClearPass RestAPI. My goal is to give you a short overview of the┬ácapabilities of the ClearPass RestAPI and show one possible use case. Maybe you can comment on the article and describe your use case. I’m working on a project with the need to onboard a device with ClearPass. … Read moreHow To use the ClearPass RestAPI

MAC Authentication with Username using ClearPass

Ever wondered why you can’t use MAC authentication and get the correct username for monitoring purposes, for example? Actually, with ClearPass you can use MAC authentication with a username. You can return the correct username, not the MAC address so that monitoring applications can use this username instead of the MAC address. Configure the Controller … Read moreMAC Authentication with Username using ClearPass

Operator Login with Radius Authentication and Authorization

This time is all about radius based operator login, as some devices might not support TACACS+. The post describes the operator login with radius authentication and command authorization. This post covers only the ArubaOS devices which do not support TACACS+ command authorization. Operator Login with Radius on ArubaOS Switches For those ArubaOS switches, which do … Read moreOperator Login with Radius Authentication and Authorization

Operator Command Authorization and Accounting with ClearPass TACACS+

This is the second post on the TACACS+ topic. This time the post is all about TACACS+ operator command authorization and accounting. This is very helpful for logging who does what at which time and makes troubleshooting easier. Operator command authorization and accounting means, that all commands issued at the device, are sent to the … Read moreOperator Command Authorization and Accounting with ClearPass TACACS+

Operator Login with ClearPass TACACS+

This post is all about operator login with ClearPass. I show the implementation of authenticating a network operator to Aruba Switches, Comware based switches, Aruba Controller and AirWave. For some devices, I will show the process with TACACS+. For those, which do not support TACACS+, I use radius authentication, which I describe in a later … Read moreOperator Login with ClearPass TACACS+

Aruba Instant – External Captive Portal Enhancement

In my last post, I described a simple way, to use the an external captive portal with the Aruba Instant solution. This time, I will change the lab environment to support bridged clients. I will also cover the scenario with the internal dhcp server and the situation with an individual certificate. External Captive Portal in … Read moreAruba Instant – External Captive Portal Enhancement

Aruba Instant with External Captive Portal

Aruba Instant with External Captive Portal - External Captive Portal Profile Options

This time, I write about the scenario, using Aruba Instant with external captive portal. With external portal, I did not mean ClearPass. It can be a simple web server, with a simple web page, hosing the captive portal. I show, how to send back the information to Instant AP and get the user online. How … Read moreAruba Instant with External Captive Portal

How Aruba Central Provisioning Works

This time I will┬ádemonstrate the Aruba central provisioning process, to zero touch deploy switches and Aruba Instant AP’s. The process is using Aruba Activate as well. But let’s start at the beginning. What is Aruba Central Aruba Central is the cloud based management solution from HPE Aruba. In the past, Aruba Central was used to … Read moreHow Aruba Central Provisioning Works

HOW TO: Aruba VIA

This time, I would like to show the configuration of the Virtual Intranet Access client. I use this one as a replacement for my OpenVPN installation. The aim is, to have an encrypted connection, even when using public hot spots. The great thing, Aruba VIA is also available to mobile phones, like my iPhone. In … Read moreHOW TO: Aruba VIA