Security

Hi Airheads.

Aruba CX 10000 switch is great product in it' own right. It opens new horizonts and force us to look at the bigger picture. There was a lot of talks around it from it's introduction last year.

One component we didn't really have too much talk is Pensando Policy and Services Manager. PSM in short. Usually we talk about Fabric Composer and technicalities. 

When I was testing PSM, it was my natural instinct to try to authorize users via ClearPass. Searching Airheads, Arubapedia, Google, AMD, Pensando... didn't return any usefull clues how to do it. Having no other option, I reach out to AMD Pensando team in Europe and thank's to them receive required information. It wasn't take much effort to configure ClearPass and PSM to successfully use RADIUS authentication.

Attached is first version of the instructions how to do it.

Many thanks to AMD Pensando guys in Europe. You are really great. 

Best, Gorazd

------------------------------
Gorazd Kikelj
------------------------------

Hey,

thank you for sharing this Technical Note.
Very useful and an important addition to the userguide.

------------------------------
Best regards, mom

Original Message:
Sent: Dec 08, 2022 07:58 AM
From: GorazdKikelj
Subject: Aruba ClearPass and AMD Pensando PSM RADIUS Authentication

Hi Airheads.

Aruba CX 10000 switch is great product in it' own right. It opens new horizonts and force us to look at the bigger picture. There was a lot of talks around it from it's introduction last year.

One component we didn't really have too much talk is Pensando Policy and Services Manager. PSM in short. Usually we talk about Fabric Composer and technicalities. 

When I was testing PSM, it was my natural instinct to try to authorize users via ClearPass. Searching Airheads, Arubapedia, Google, AMD, Pensando... didn't return any usefull clues how to do it. Having no other option, I reach out to AMD Pensando team in Europe and thank's to them receive required information. It wasn't take much effort to configure ClearPass and PSM to successfully use RADIUS authentication.

Attached is first version of the instructions how to do it.

Many thanks to AMD Pensando guys in Europe. You are really great. 

Best, Gorazd

------------------------------
Gorazd Kikelj
------------------------------

Hi Mom.

Did you find out, what went wrong?

I usually forget to assign a user group to role bonding and then I get no access. Quite embarrassing :-) . I didn't spot this error and for workaround I add role binding of remote user manually. Now I look into my Tech Note and see my error and everything is working fine.

Best, Gorazd

Hey,

thank you for sharing this Technical Note.
Very useful and an important addition to the userguide.

------------------------------
Best regards, mom

Original Message:
Sent: Dec 08, 2022 07:58 AM
From: GorazdKikelj
Subject: Aruba ClearPass and AMD Pensando PSM RADIUS Authentication

Hi Airheads.

Aruba CX 10000 switch is great product in it' own right. It opens new horizonts and force us to look at the bigger picture. There was a lot of talks around it from it's introduction last year.

One component we didn't really have too much talk is Pensando Policy and Services Manager. PSM in short. Usually we talk about Fabric Composer and technicalities. 

When I was testing PSM, it was my natural instinct to try to authorize users via ClearPass. Searching Airheads, Arubapedia, Google, AMD, Pensando... didn't return any usefull clues how to do it. Having no other option, I reach out to AMD Pensando team in Europe and thank's to them receive required information. It wasn't take much effort to configure ClearPass and PSM to successfully use RADIUS authentication.

Attached is first version of the instructions how to do it.

Many thanks to AMD Pensando guys in Europe. You are really great. 

Best, Gorazd

------------------------------
Gorazd Kikelj
------------------------------

Hi Airheads.

Aruba CX 10000 switch is great product in it' own right. It opens new horizonts and force us to look at the bigger picture. There was a lot of talks around it from it's introduction last year.

One component we didn't really have too much talk is Pensando Policy and Services Manager. PSM in short. Usually we talk about Fabric Composer and technicalities. 

When I was testing PSM, it was my natural instinct to try to authorize users via ClearPass. Searching Airheads, Arubapedia, Google, AMD, Pensando... didn't return any usefull clues how to do it. Having no other option, I reach out to AMD Pensando team in Europe and thank's to them receive required information. It wasn't take much effort to configure ClearPass and PSM to successfully use RADIUS authentication.

Attached is first version of the instructions how to do it.

Many thanks to AMD Pensando guys in Europe. You are really great. 

Best, Gorazd

I added a new chapter on using Clearpass with PSM cluster by utilizing NAS-ID field for RADIUS device.

Best, Gorazd

------------------------------
Gorazd Kikelj
MVP Guru 2025

Original Message:
Sent: Dec 08, 2022 07:58 AM
From: GorazdKikelj
Subject: Aruba ClearPass and AMD Pensando PSM RADIUS Authentication

Hi Airheads.

Aruba CX 10000 switch is great product in it' own right. It opens new horizonts and force us to look at the bigger picture. There was a lot of talks around it from it's introduction last year.

One component we didn't really have too much talk is Pensando Policy and Services Manager. PSM in short. Usually we talk about Fabric Composer and technicalities. 

When I was testing PSM, it was my natural instinct to try to authorize users via ClearPass. Searching Airheads, Arubapedia, Google, AMD, Pensando... didn't return any usefull clues how to do it. Having no other option, I reach out to AMD Pensando team in Europe and thank's to them receive required information. It wasn't take much effort to configure ClearPass and PSM to successfully use RADIUS authentication.

Attached is first version of the instructions how to do it.

Many thanks to AMD Pensando guys in Europe. You are really great. 

Best, Gorazd

------------------------------
Gorazd Kikelj
------------------------------