Security

Reply
Occasional Contributor II
Posts: 13
Registered: ‎04-25-2012

CPPM certificate for Windows TLS Authentication

Hi All,

 

I am trying to test EAP-TLS Authentication in our environment. Will i be able to use the certificate generated via Clearpass Onboard  to test this?. If so, what authentication source, should i choose while creating the service ?

 

We have 3600 series mobility controller and CPPM in the backend.

 

Thanks.

-Sundar

Guru Elite
Posts: 8,796
Registered: ‎09-08-2010

Re: CPPM certificate for Windows TLS Authentication

Is ClearPass Onboard signing your client certs?

Tim Cappalli | Aruba Security TME
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
Occasional Contributor II
Posts: 13
Registered: ‎04-25-2012

Re: CPPM certificate for Windows TLS Authentication

Hi Cappalli,

Yes, for this test, I am planning to use clearpass onboard to sign the cert.

 

We currently use PEAP, and planning to implement certificate based authentication. We don't have any PKI so far. So to test this, wondering if i could use the on board certificate.

 

Thanks,

Sundar

Guru Elite
Posts: 8,796
Registered: ‎09-08-2010

Re: CPPM certificate for Windows TLS Authentication

Yes, you can use both PEAP and EAP-TLS in the same service.

Tim Cappalli | Aruba Security TME
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
Occasional Contributor II
Posts: 13
Registered: ‎04-25-2012

Re: CPPM certificate for Windows TLS Authentication

Hi Cappalli,

What should be the authentication source for validating the client certificate if choose TLS and sign the cert using clearpass onboard ?

 

Thanks,

Sundar

Guru Elite
Posts: 8,796
Registered: ‎09-08-2010

Re: CPPM certificate for Windows TLS Authentication

You can just use AD/LDAP as the source.

Tim Cappalli | Aruba Security TME
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
Occasional Contributor II
Posts: 13
Registered: ‎04-25-2012

Re: CPPM certificate for Windows TLS Authentication

Hi Cappalli,

Thanks for the clarification.

-Sundar

Occasional Contributor II
Posts: 13
Registered: ‎04-25-2012

Re: CPPM certificate for Windows TLS Authentication

I tested this,  I had a certificate signed from the Clearpass onboard, installed on my windows machine. I was able to successfully authenticate to my AD. One question I have is, what credentials does my AD validate ?, because i didn't key in my AD credentials.

 

Thanks,

Sundar

Occasional Contributor II
Posts: 13
Registered: ‎04-25-2012

Re: CPPM certificate for Windows TLS Authentication

What i would like to test & implement is, to have the controller perform certficate-based authentication against my Microsoft Active Directory Idenity source. Can someone point me in the right direction ?

 

 

 

Moderator
Posts: 496
Registered: ‎11-09-2012

Re: CPPM certificate for Windows TLS Authentication

Sure, there is  TechNote covering this on the support site.....

 

ADCS with ClearPass Onboard v1.1.pdf

 

 

 


Best Regards
-d

Snr Tech Marketing Engineer - ClearPass

-- Found something helpful, important, or cool? Click the Kudos Star in a post.
-- Problem Solved? Click "Accept as Solution" in a post.
Search Airheads
Showing results for 
Search instead for 
Did you mean: