Security

last person joined: yesterday 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

Automatically Use PC Credential That Join to Domain to Connect SSID

This thread has been viewed 0 times

  • 1.  Automatically Use PC Credential That Join to Domain to Connect SSID

    Posted Sep 19, 2015 10:14 PM

    Hi All,

     

    I've setup 802.1X Wireless that using Clearpass. I've test to automatically use Username and password that joined to Domain but failed to authenticate to SSID. Manually key in AD username and password successfully authenticated. In access tracker, the error is 215 with EAP-TLS error. I've not set the EAP-TLS in 802.1X service. Please advise. Thanks



  • 2.  RE: Automatically Use PC Credential That Join to Domain to Connect SSID

    EMPLOYEE
    Posted Sep 19, 2015 10:15 PM
    Please post the exact contents of the error.


  • 3.  RE: Automatically Use PC Credential That Join to Domain to Connect SSID

    EMPLOYEE
    Posted Sep 19, 2015 10:16 PM
    It's likely regarding the radius server certificate. Do you have a publicly or privately signed radius server certificate installed on ClearPass? 


    Thanks, 
    Tim


  • 4.  RE: Automatically Use PC Credential That Join to Domain to Connect SSID

    Posted Sep 19, 2015 10:21 PM

    Hi Tim,

     

    Im not installed any signed certificate. Do i need to install that?How to get that certificate? I will post the error tomorrow. Thanks.



  • 5.  RE: Automatically Use PC Credential That Join to Domain to Connect SSID

    EMPLOYEE
    Posted Sep 19, 2015 10:23 PM
    Yes, you need to either get a publicly assigned certificate or distribute the self-signed ClearPass certificate to each client. 


    Thanks, 
    Tim


  • 6.  RE: Automatically Use PC Credential That Join to Domain to Connect SSID

    Posted Sep 19, 2015 10:28 PM

    Hi Tim,

     

    Public assigned certificate means AD need to push the cert? How to get Clearpass to distribute the self signed certificate? Thanks. 



  • 7.  RE: Automatically Use PC Credential That Join to Domain to Connect SSID

    EMPLOYEE
    Posted Sep 19, 2015 10:34 PM
    No public would mean getting a certificate from a public CA.

    You can use AD group policy to push the private cert or you can use something like QuickConnect. 

    I would work with your Aruba partner. There are many considerations. 


    Thanks, 
    Tim


  • 8.  RE: Automatically Use PC Credential That Join to Domain to Connect SSID

    Posted Sep 19, 2015 10:56 PM

    Hi Tim,

     

    Thanks on your explanation.