Security

Hi there,

 

We are trying to get Clearpass to authenticate wireless clients based in Microsoft active directory (AD) through 802.1x.

 

Clearpass has been integrated with AD and it can successfully browse the domain and authenticate users via its CLI. However, users that are attempting to authenticate via an AP -> Controller are not able to connect.

 

Can you please point me in the right direction?

 

Thank you,

Andres

Did you create a wireless 802.1x service in clearpass using the Wizard?

 

When you say cli are you referring to the aaa test from the controller under diagnostics our is this for ssh access to the cli on the controller? I found I needed to watch out how I configured the service in cppm, and the role map and enforcement profile. If you used the wizard to create the service it may not exactly match the nature of the request as it comes in so it is processes correctly HTH.....? Access tracker always works for me. I'd check the request as it comes in and ensure the computed repose and result is what you expect.. Check the service is also using the correct authorisation source! Good luck sir!

Andres,

 

If your chosen EAP method is PEAP, the ClearPass Policy Manager will need to be joined to the AD domain to get native access to the password store.

 

Administration > Server Configuration

 

Rgds

 

Cam