Security

Reply
FXE
Occasional Contributor II

Certificate-based Authentication

Hi Guys,

 

I am new in Aruba ClearPass and I need help.

I want to have certificate-based authentication for my endpoints, may I know what configurations are needed in CPPM for this to work? I don't know how CPPM will check the endpoint's certificate and counter check it in the AD. What should be check, it is the CN or the DN? Also how CPPM grab the data of the CN/DN and counter check it in the AD if it is existed?

 

Thanks

Guru Elite

Re: Certificate-based Authentication

You need to start properly from scratch.  Are you already using CPPM for 802.1x authentication with EAP/PEAP?


*Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.*
ArubaOS 8.3 User Guide
InstantOS 8.3 User Guide
Airheads Knowledgebase
FXE
Occasional Contributor II

Re: Certificate-based Authentication

Hi cjoseph,

 

Actually, not yet but I have an idea as far as theory is concerned because previously I am using Cisco ISE and I am watching some tutorial video and also I have a VM setup as of the moment.

 

I want to check the CN in my certificate and check against the AD if the username exist in the AD. How can I check that? And also can I do EAP-Chaining? For example, the CPPM will check first the computer name if it exists in the AD then it will check for the username/CN against the AD.

 

Thanks

Guru Elite

Re: Certificate-based Authentication

If you haven't already, I would take a look at this post here:  http://community.arubanetworks.com/t5/Video/Aruba-ClearPass-Workshop-Wireless-4-AD-Client-Certificates-EAP/ta-p/294172


*Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.*
ArubaOS 8.3 User Guide
InstantOS 8.3 User Guide
Airheads Knowledgebase
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: