® System . Dell™, the DELL™ logo, and PowerConnect™ are trademarks of Dell Inc. All rights reserved. Specifications in this manual are subject to change without notice. Originated in the USA. All other trademarks are the property of their respective owners.
Accessing Policy Manager Accessing Help Checking Basic Services 802.1x Wireless Use Case Configuring the Service Web Based Authentication Use Case Configuring the Service MAC Authentication Use Case Configuring the Service Dell Networking W-ClearPass Policy Manager 6.0 | Quick Start Guide...
Chapter 1 Configuring Policy Manager This Quick Start Guide for the Dell Networking W-ClearPass Policy Manager System (Policy Manager) describes the steps for installing the appliance using the Command Line Interface (CLI) and using the User Interface (UI) to ensure that the required services are running.
Page 6
Enter Management Port Subnet Mask: 255.255.255.0 Enter Management Port Gateway: 192.168.5.1 Enter Data Port IP Address: 192.168.7.55 Enter Data Port Subnet Mask: 255.255.255.0 Enter Data Port Gateway: 192.168.7.1 Enter Primary DNS: 198.168.5.3 Dell Networking W-ClearPass Policy Manager 6.0 | Quick Start Guide...
To reconfigure DNS or add a new DNS: [appadmin]# configure dns <primary> [secondary] [tertiary] To reconfigure or add management and data ports: [appadmin]# configure ip <mgmt | data > <ipadd> netmask <netmask address> gateway <gateway address> where: Dell Networking W-ClearPass Policy Manager 6.0 | Quick Start Guide...
Page 8
If you are using Active Directory to authenticate users, be sure to join the Policy Manager appliance to that domain as well. ad netjoin <domain-controller.domain-name> [domain NETBIOS name] where: Flag/Parameter Description Required. <domain-controller. domain- name> Host to be joined to the domain. Optional. [domain NETBIOS name] Dell Networking W-ClearPass Policy Manager 6.0 | Quick Start Guide...
Activation Request Token. Contact Dell Support and provide your technician with the downloaded token in an email attachment. Once you receive the Activation Key from Dell Support, save it to a known location on your computer. Come back to this screen and click on the Browse button to select the Activation Key.
<hostname> All Policy Manager user interface screens have context-sensitive help. To access context-sensitive help, click on the Help link at the top right hand corner of any screen. Dell Networking W-ClearPass Policy Manager 6.0 | Quick Start Guide...
The following three use cases illustrate the process of configuring Policy Manager for basic 802.1x, WebAuth, and MAC Bypass Services: 802.1x Wireless Use Case on page 13 Web Based Authentication Use Case on page 19 MAC Authentication Use Case on page 25 Dell Networking W-ClearPass Policy Manager 6.0 | Quick Start Guide...
(left column) and settings (in summary form in the right column) at each step. Below the table, we call attention to any fields or functions that may not have an immediately obvious meaning. Dell Networking W-ClearPass Policy Manager 6.0 | Quick Start Guide...
Page 14
Policy Manager): Authentication (tab) > Methods (Select a method from the drop-down list) Add > Sources (Select drop-down list): [Local User Repository] [Local SQL [Guest User Repository] [Local SQL Dell Networking W-ClearPass Policy Manager 6.0 | Quick Start Guide...
Page 15
Enforcement Policy. In the event of role-mapping failure, Policy Manager assigns a default role. In this Use Case, create the role mapping policy RMP_DEPARTMENT that distinguishes clients by department and the corresponding roles ROLE_ENGINEERING and ROLE_FINANCE, to which it maps: Dell Networking W-ClearPass Policy Manager 6.0 | Quick Start Guide...
Page 16
Add the new Role Mapping Policy to the Service: Back in Roles (tab) > Role Mapping Policy (selector): RMP_ DEPARTMENT > Upon completion, click Next (to Posture) 5. Configure a Posture Server Dell Networking W-ClearPass Policy Manager 6.0 | Quick Start Guide...
Page 17
Add the new Posture Server to the Service: Back in the Posture (tab) > Posture Servers (selector): PS_NPS, then click the Add button. Click the Next button. 6. Assign an Enforcement Policy Dell Networking W-ClearPass Policy Manager 6.0 | Quick Start Guide...
Page 18
For instructions about how to build such an Enforcement Policy, refer to Configuring Enforcement Policies"Configuring Enforcement Policies" in the Dell Networking W-ClearPass Policy Manager User Guide . 7. Save the Service. Click Save. The Service now appears at the bottom of the Services list.
1. Prepare the switch to pre-process WebAuth requests for the Policy Manager Dell WebAuth service. Refer to your Network Access Device documentation to configure the switch such that it redirects HTTP requests to the Dell Guest Portal , which captures username and password and optionally launches an agent that returns posture data.
Page 20
“user” representing the username to be returned. For authentication, Policy Manager strips the specified separators and any paths or domains beyond them. Upon completion, click Next (until you reach Enforcement Policy). Dell Networking W-ClearPass Policy Manager 6.0 | Quick Start Guide...
Page 21
Enable all Windows operating systems (check box) > Enable Service Pack levels for Windows 7, Vista, XP Server 2008, Server 2008 R2, and Server 2003 (check boxes) > Save (button) > Dell Networking W-ClearPass Policy Manager 6.0 | Quick Start Guide...
Page 22
Remediation URL. URL of remediation server. 5. Create an Enforcement Policy. Because this Use Case assumes the Guest role, and the Dell Web Portal agent has returned a posture token, it does not require configuration of Role Mapping or Posture Evaluation.
Page 23
Add a new Enforcement Policy: Enforcement (tab) > Enforcement Policy (selector): SNMP_POLICY Upon completion, click Save. 6. Save the Service. Click Save. The Service now appears at the bottom of the Services list. Dell Networking W-ClearPass Policy Manager 6.0 | Quick Start Guide...
Authentication request. A subsequent MAC Authentication request (forcefully triggered after the audit, or triggered after a short session timeout) uses the cached results from the audit to determine posture and role(s) for the device Figure 3: Flow-of-Control of MAC Authentication for Network Devices Dell Networking W-ClearPass Policy Manager 6.0 | Quick Start Guide...
(of type Static Host List). Refer to Adding and Modifying Static Host Lists "Adding and Modifying Static Host Lists" in the Dell Networking W-ClearPass Policy Manager User Guide for more information. You can also select any other supported type of authentication source. Table 12:...
Page 27
Role), in this use case Policy Manager applies post-audit rules against attributes captured by the Audit Server to infer Role(s). 5. Save the Service. Click Save. The Service now appears at the bottom of the Services list. Dell Networking W-ClearPass Policy Manager 6.0 | Quick Start Guide...