• SonicOS 7.1
• Introduction Chapter (Primary)
  • Overview
    • About SonicOS
    • SonicOS Workflow
    • How to Use the SonicOS Administration Guides
    • Guide Conventions
• • Aruba ClearPass NAC Support
    • Configure SonicWall Policy by API - Default Groups
    • Enable ClearPass Integration

Enable ClearPass Integration

To be able to accept Threat APIs from ClearPass servers, you need to first enable the ClearPass in SonicOS.

To enable ClearPass

1. Login to SonicOS using username and password.

2. Under Device page, navigate to Network Access Control > Settings.

3. Click on the ClearPass Settings tab.

   

4. Enable the toggle button for Enable ClearPass option.

5. Set the Query User Role Interval(hours).

   The information exchange between SonicOS and NAC is bi-directional, so query timer needs to be set.

6. Click Save.

   

To add ClearPass Server

1. Click on ClearPass Servers tab. Click on Add.

   

2. Enter the details of the NAC server. Click on Add.

   

To secure the communication between NAC and Firewall, a dynamic JSON Web Token (JWT) needs to be created. Whenever a NAC device tries to connect to SonicOS firewall, JSON Web Token (JWT) has to be generated first. The NAC device can then include the generated JSON Web Token (JWT) in their UI, to be able to establish a connection.

To generate JSON Web Token

1. Click on JSON Web Token tab.

   

2. Enter the Token Expires in (Days) and click Accept.

3. Select the username from the drop-down list under Generate Token Name.

4. Click on Generate JWT.