Security

I have a clearpass, and when I perform 802.1x authentication I have authentication drawbacks. When validating by SSH, I have the following error

I have installed clearpass again, I have promoted it again to the domain and the problem persists. I was working well in the afternoon and already at night this problem was presented

Hi,

Are you using EAP-MSCHAPv2 protocol to authenticate the users, it looks you are using AD as authentication source, did you join clearpass to ad domain. Could you check below stesp

1) Test if the Join to the domain is successful. This can be tested using the command :

ad testjoin <domain NETBIOS name>

For example :

[appadmin@AB-CP-Pub-6_3]# ad testjoin AB
Join is OK

The above test fails if there are any communication issues between the AD and the Clearpass.
If the above fails, a quick solution would be to leave Clearpass from the domain and rejoin it.

2) Test if users can successfully perform MSCHAPv2 auth from the CLI using the command :

ad  auth -u <username> -n <domain NETBIOS name>

For example :

[appadmin@AB-CP-Pub-6_3]# ad auth -u Aruba -n AB
password:
ERROR -  NT_STATUS_NO_SUCH_USER: No such user (0xc0000064)

[appadmin@AB-CP-Pub-6_3]# ad auth -u ca -n AB
password:
ERROR -  NT_STATUS_WRONG_PASSWORD: Wrong Password (0xc000006a)

[appadmin@AB-CP-Pub-6_3]# ad auth -u ca -n AB
password:
INFO -  NT_STATUS_OK: Success (0x0)

Regards,

Pavan

If my post addressess your query give kudos:)