Category: Security
ClearPass, Management, Security
ClearPass, Azure AD, SSO and Object ID
Single sign-on is nothing new and I am not going to tell you how to configure ClearPass to use SAML SSO with Azure AD. There is a lot of documentation available, like: Flomian Networking – ClearPass SSO with Azure AD ClearPass Onboard Cloud Identity Providers This post is about an issue I was facing with … Read More
Aruba Networks, ClearPass, Configuration Example, Security
ClearPass – custom MPSK
Multiple PreShared Key (MPSK) is the ideal replace for the old-fashioned static PSK environments. MPSK provides the flexibility and scalability which traditional PSK networks are lacking. MPSK provides a per device pre shared key. Aruba ClearPass is the authentication server to verify the pre shared key entered on a device. To create a pre shared … Read More
Aruba Networks, ClearPass, Configuration Example, Security, Switching
Downloadable User-Roles and NTP sync
The HPE Aruba switches have this cool feature called downloadable user-roles (DUR). DUR enables the switch to use a central ClearPass server to download user-roles to the switch for authenticated users. More and more customers want to implement wired authentication to strengthen the security level of their network. Via DUR the switches perform an HTTPS … Read More
FortiGate – OnDemand Token Timeout
Today’s customer is having a problem with OnDemand tokens on a FortiGate firewall. The FortiGate firewall uses RADIUS authentication for SSL VPN user authentication. FortiAuthenticator is used as RADIUS server. To strengthen the security levels, FortiAuthenticator is configured to demand two-factor authentication (2FA) for successful authentication. FortiAuthenticator has multiple options to demand 2FA from a … Read More
NetScaler VPX – management certificate
I would like to upgrade my current NetScaler VPX Express configuration via GUI. For some security reason Internet Explorer and FireFox aren’t able to access the GUI. They return the error message that the NetScaler is using a wrong SSL certificate. The default SSL self-signed certificate is installed on the appliance. I have uploaded a … Read More
Citrix Secure Gateway via https-only
Configuring a Citrix Secure Gateway (CSG) server is simple, but provides a powerful solution to access resource from remote locations. CSG is an application installed on a DMZ server. Mostly I also configure the Citrix WebInterface on the same server. The CSG instance listens on TCP/443 and the WI instance listens on TCP/80. To improve … Read More