Security

Hello, 

We are working on implementing a guest portal through ClearPass and it seems to be almost working. We have it sending an e-mail for a "sponsor" to authorize the guest access and internally things or working fine. If the sponsor pulls the e-mail from their phone though the authorization does not work. Think this is due to us not having the server in our public address space so working to get that setup with a NAT on our firewall. Question is how can we lock this down? Does this process use specific ports or something that we can use to limit access? I really do not want an open NAT hanging out with access to ClearPass server and let it get beat at. 

Thanks in advance ... 

It is HTTPS, so I don't suggest opening it. Usually the user would be on net, or connect to approve over VPN.

Hello, 

We are working on implementing a guest portal through ClearPass and it seems to be almost working. We have it sending an e-mail for a "sponsor" to authorize the guest access and internally things or working fine. If the sponsor pulls the e-mail from their phone though the authorization does not work. Think this is due to us not having the server in our public address space so working to get that setup with a NAT on our firewall. Question is how can we lock this down? Does this process use specific ports or something that we can use to limit access? I really do not want an open NAT hanging out with access to ClearPass server and let it get beat at. 

Thanks in advance ...