Aruba Clearpass configuration

I have an Aruba Clearpass server that is acting as a Radius server. I am offering up a pre-authentication page to users that connect to the guest wifi. Once they enter their name, email address and accept the terms of use, they are given a password and are automatically logged into the network on a predefined VLAN with specific permissions. The problem we are running into is how to have this work with a web filter. The web filter being used is a CIPA filter.

Currently, the CIPA filter queries the AD server and grants or denies internet access based on this. These users also connect to the wireless network on another SSID that is role based. This all works fine.

The biggest selling point to the Clearpass was that it was suppose to be able to push information to other devices. The CIPA filter will not query the Clearpass. At least, this is what I am being told. Having worked with Aruba over the last 2 days, I have gotten so many different answers to a variety of other configuration issues with only one person actually fixing the main issues. With that being said, does anyone know if the Clearpass can push the guest user database information out to another source? In short, can it give an accept to the other device and push the email address of the user. If no, or nobody is really sure, does anyone know of a web content filter that will actively query a Radius server so that I can change some parameters that will allow us to gather the information needed?

I know that there is OpenDNS that has worked with Aruba before. If someone has any experience with the two together, please feel free to let me know. Thank you everyone.
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

btanExec ConsultantCommented:
CIPAFilter from what I understand cannot query user (no even active directory integration settings) and Clearpass does not push out such user data to other. More of the time, RADIUS agent pull or proxy the query from the RADIUS server OR having ICAP to interface with RADIUS server (some even use ICAP to 'talk' to AV server).

Pardon as not really have CIPAFilter but heard it can be limited since it is so focus on the use case of K12 protection and not enterprise centric as primary... Eventually a proxy has to be the middleman to interface with the various serves for content filter and user checking via ICAP or act as RADIUS agent

e.g. Websense ICAP Service makes it possible to integrate Websense Web Security solutions with third-party proxies and proxy-caches that support communication with ICAP servers.

e.g. Netbox Integration with Squid via ICAP

e.g. Websense RADIUS Agent works together with the RADIUS server and RADIUS clients in your network to process and track

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
INV_supportAuthor Commented:
I got the same information finally from Aruba that you just passed on. Thank you for following up and answering.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Wireless Networking

From novice to tech pro — start learning today.