Security

Reply
Frequent Contributor I
Posts: 61
Registered: ‎09-16-2014

Automatically Use PC Credential That Join to Domain to Connect SSID

Hi All,

 

I've setup 802.1X Wireless that using Clearpass. I've test to automatically use Username and password that joined to Domain but failed to authenticate to SSID. Manually key in AD username and password successfully authenticated. In access tracker, the error is 215 with EAP-TLS error. I've not set the EAP-TLS in 802.1X service. Please advise. Thanks

Guru Elite
Posts: 21,556
Registered: ‎03-29-2007

Re: Automatically Use PC Credential That Join to Domain to Connect SSID

Please post the exact contents of the error.


Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Guru Elite
Posts: 8,782
Registered: ‎09-08-2010

Re: Automatically Use PC Credential That Join to Domain to Connect SSID

It's likely regarding the radius server certificate. Do you have a publicly or privately signed radius server certificate installed on ClearPass? 


Thanks, 
Tim

Tim Cappalli | Aruba Security TME
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
Frequent Contributor I
Posts: 61
Registered: ‎09-16-2014

Re: Automatically Use PC Credential That Join to Domain to Connect SSID

Hi Tim,

 

Im not installed any signed certificate. Do i need to install that?How to get that certificate? I will post the error tomorrow. Thanks.

Guru Elite
Posts: 8,782
Registered: ‎09-08-2010

Re: Automatically Use PC Credential That Join to Domain to Connect SSID

Yes, you need to either get a publicly assigned certificate or distribute the self-signed ClearPass certificate to each client. 


Thanks, 
Tim

Tim Cappalli | Aruba Security TME
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
Frequent Contributor I
Posts: 61
Registered: ‎09-16-2014

Re: Automatically Use PC Credential That Join to Domain to Connect SSID

Hi Tim,

 

Public assigned certificate means AD need to push the cert? How to get Clearpass to distribute the self signed certificate? Thanks. 

Guru Elite
Posts: 8,782
Registered: ‎09-08-2010

Re: Automatically Use PC Credential That Join to Domain to Connect SSID

No public would mean getting a certificate from a public CA.

You can use AD group policy to push the private cert or you can use something like QuickConnect. 

I would work with your Aruba partner. There are many considerations. 


Thanks, 
Tim

Tim Cappalli | Aruba Security TME
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
Frequent Contributor I
Posts: 61
Registered: ‎09-16-2014

Re: Automatically Use PC Credential That Join to Domain to Connect SSID

Hi Tim,

 

Thanks on your explanation.

Search Airheads
Showing results for 
Search instead for 
Did you mean: