Users Guide

ManualsBrandsDell ManualsAccess PlatformsW-ClearPass Virtual Appliances

321

322

323

324

325

326

327

328

329

330

330 | Administration Dell Networking W-ClearPass Policy Manager 6.3 |User Guide

Parameter Description

Management

Port: Default

Gateway

Default gateway for management interface

Data/External

Port: IP Address

Data interface IP address. All authentication and authorization requests arrive on the data

interface.

Data/External

Port: Subnet

Mask

Data interface Subnet Mask

Data/External

Port: Default

Gateway

Default gateway for data interface

DNS: Primary

DNS

Primary DNS for name lookup

DNS: Secondary

DNS

Secondary DNS for name lookup

AD Domains Displays a list of joined active directory domains. Select Join Domain to join an Active Directory

domain. Refer to "Join AD Domain" on page 330 for more information.

After an AD Domain is added, the domain controller can be setup as a password server. Refer to

"Add Password Server" on page 332 for more information.

Table 200:

Server Configuration System tab (Continued)

Join AD Domain

You can join CPPM to an Active Directory (AD) domain to authenticate users and computers that are members of an

Active Directory domain. Joining CPPM to an Active Directory domain creates a computer account for the CPPM node

in the AD database. Users can then authenticate into the network using 802.1X and EAP methods, such as PEAP-

MSCHAPv2, with their own their own AD credentials.

If you need to authenticate users belonging to multiple AD forests or domains in your network, and there is no trust

relationship between these entities, then you must join CPPM to each of these untrusting forests or domains.

There is no need to join CPPMto multiple domains belonging to the same ADforest because a one-way trust

relationship exists between these domains. In this case, you join CPPMto the root domain.

Join Domain - Click on this button to join this Policy Manager appliance to an Active Directory domain. Password

servers can be configured after Policy Manager is successfully joined. Refer to "Add Password Server" on page 332 for

more information.

Leave Domain - If the server is already part of multiple AD domains, click on this button to disassociate this Policy

Manager appliance from an Active Directory domain.

For most use cases, if you have multiple nodes in the cluster, you must join each node to the same Active Directory

domain.