Security

Reply
Occasional Contributor II

Certificate-based Authentication

Hi Guys,

 

I am new in Aruba ClearPass and I need help.

I want to have certificate-based authentication for my endpoints, may I know what configurations are needed in CPPM for this to work? I don't know how CPPM will check the endpoint's certificate and counter check it in the AD. What should be check, it is the CN or the DN? Also how CPPM grab the data of the CN/DN and counter check it in the AD if it is existed?

 

Thanks

Guru Elite

Re: Certificate-based Authentication

You need to start properly from scratch.  Are you already using CPPM for 802.1x authentication with EAP/PEAP?



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Occasional Contributor II

Re: Certificate-based Authentication

Hi cjoseph,

 

Actually, not yet but I have an idea as far as theory is concerned because previously I am using Cisco ISE and I am watching some tutorial video and also I have a VM setup as of the moment.

 

I want to check the CN in my certificate and check against the AD if the username exist in the AD. How can I check that? And also can I do EAP-Chaining? For example, the CPPM will check first the computer name if it exists in the AD then it will check for the username/CN against the AD.

 

Thanks

Guru Elite

Re: Certificate-based Authentication

If you haven't already, I would take a look at this post here:  http://community.arubanetworks.com/t5/Video/Aruba-ClearPass-Workshop-Wireless-4-AD-Client-Certificates-EAP/ta-p/294172



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: