Security

last person joined: yesterday 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

CPPM certificate for Windows TLS Authentication

This thread has been viewed 2 times

  • 1.  CPPM certificate for Windows TLS Authentication

    Posted Feb 10, 2015 05:30 PM

    Hi All,

     

    I am trying to test EAP-TLS Authentication in our environment. Will i be able to use the certificate generated via Clearpass Onboard  to test this?. If so, what authentication source, should i choose while creating the service ?

     

    We have 3600 series mobility controller and CPPM in the backend.

     

    Thanks.

    -Sundar


    #3600


  • 2.  RE: CPPM certificate for Windows TLS Authentication

    EMPLOYEE
    Posted Feb 10, 2015 08:15 PM
    Is ClearPass Onboard signing your client certs?


  • 3.  RE: CPPM certificate for Windows TLS Authentication

    Posted Feb 10, 2015 08:24 PM

    Hi Cappalli,

    Yes, for this test, I am planning to use clearpass onboard to sign the cert.

     

    We currently use PEAP, and planning to implement certificate based authentication. We don't have any PKI so far. So to test this, wondering if i could use the on board certificate.

     

    Thanks,

    Sundar



  • 4.  RE: CPPM certificate for Windows TLS Authentication

    EMPLOYEE
    Posted Feb 10, 2015 08:26 PM
    Yes, you can use both PEAP and EAP-TLS in the same service.


  • 5.  RE: CPPM certificate for Windows TLS Authentication

    Posted Feb 10, 2015 08:32 PM

    Hi Cappalli,

    What should be the authentication source for validating the client certificate if choose TLS and sign the cert using clearpass onboard ?

     

    Thanks,

    Sundar



  • 6.  RE: CPPM certificate for Windows TLS Authentication
    Best Answer

    EMPLOYEE
    Posted Feb 10, 2015 08:34 PM
    You can just use AD/LDAP as the source.


  • 7.  RE: CPPM certificate for Windows TLS Authentication

    Posted Feb 11, 2015 10:21 AM

    Hi Cappalli,

    Thanks for the clarification.

    -Sundar



  • 8.  RE: CPPM certificate for Windows TLS Authentication

    Posted Feb 11, 2015 11:58 AM

    I tested this,  I had a certificate signed from the Clearpass onboard, installed on my windows machine. I was able to successfully authenticate to my AD. One question I have is, what credentials does my AD validate ?, because i didn't key in my AD credentials.

     

    Thanks,

    Sundar



  • 9.  RE: CPPM certificate for Windows TLS Authentication

    Posted Feb 11, 2015 06:17 PM

    What i would like to test & implement is, to have the controller perform certficate-based authentication against my Microsoft Active Directory Idenity source. Can someone point me in the right direction ?

     

     

     



  • 10.  RE: CPPM certificate for Windows TLS Authentication

    Posted Feb 11, 2015 06:34 PM

    Sure, there is  TechNote covering this on the support site.....

     

    ADCS with ClearPass Onboard v1.1.pdf