Security

last person joined: 19 hours ago 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

Issue with Android Devices

This thread has been viewed 3 times

  • 1.  Issue with Android Devices

    Posted Mar 24, 2013 10:05 AM

    Hello All,

     

    I'm testing clearpass for a big implementaiton and while testing i found an issue with Android devices not able to connect to the provisioned network after the profile is pushed by clear pass, we are using TLS with Android devices and found out in the network settings of the SSID that was pushed the "phase 2 authentication" is not set and "user certificate" is showing unspecified, clicking on both options and choosing the correct settings solves the issue, did anybody face this before ?  I'm testing with Clearpass 6.0.2 which is the latest.

     

    Please help.



  • 2.  RE: Issue with Android Devices

    EMPLOYEE
    Posted Mar 24, 2013 11:18 AM
    @Islam Soliman wrote:

    Hello All,

     

    I'm testing clearpass for a big implementaiton and while testing i found an issue with Android devices not able to connect to the provisioned network after the profile is pushed by clear pass, we are using TLS with Android devices and found out in the network settings of the SSID that was pushed the "phase 2 authentication" is not set and "user certificate" is showing unspecified, clicking on both options and choosing the correct settings solves the issue, did anybody face this before ?  I'm testing with Clearpass 6.0.2 which is the latest.

     

    Please help.

    We need more detail to get to the bottom of this.

     

    Are you testing onboarding with Android devices?  Specifically, What android device are you testing with (it does matter)?

     



  • 3.  RE: Issue with Android Devices

    Posted Mar 24, 2013 11:26 AM
    yes onboarding. tested with samsung galaxy note 2 and samsung galaxy s2 samw result. works fine with ios devices and laptops no issues


  • 4.  RE: Issue with Android Devices

    EMPLOYEE
    Posted Mar 24, 2013 11:33 AM

    In the Onboard provisioning Settings, what is your Trust Setting for Android.?

     



  • 5.  RE: Issue with Android Devices

    Posted Mar 24, 2013 11:42 AM
    by trust u mean the certificate trust ?? in 6.0.2 it applies to all nothing special under android tab.


  • 6.  RE: Issue with Android Devices

    EMPLOYEE
    Posted Mar 24, 2013 11:51 AM

    Under Onboard> Network Settings> <That Network>> Trust, do you have it on Automatically Configure Trust settings?

     

    What version of android for those two devices?

     

    What version of Quickconnect from the Android Store?

     



  • 7.  RE: Issue with Android Devices

    Posted Mar 24, 2013 11:59 AM
    the trust is manual to new certificates created and works fine.
    android 4.0.4 & 4.1.2 , quick connect latest from the market

    tried with auto trust as well same thing. the client certificate is being pushed but it is not set in the network settings in the phome


  • 8.  RE: Issue with Android Devices

    EMPLOYEE
    Posted Mar 24, 2013 12:21 PM

    You will probably have to open a TAC case because we would have to obtain the quickconnect logs from the device to determine what is going on.  TLS with android does work in quite a few places.  We have to determine why it is not working in your environment.



  • 9.  RE: Issue with Android Devices

    Posted Mar 24, 2013 12:47 PM
    there is already a case open but it is taking time and thry checked the logs and said they couldn't fine any issue. I will check the certificates again and see. but 1 more thing how to change the name of the certificate that is being pushed to the device "the user certificate" ??? it always shows HP.
    also can tou please tell me how the certificates settings affects the profile that is being pushed and make it not choosing the client certificate that is pushed ? I want to know how this worka maybe I will be able to change something In the config.

    thanks a lot for the help


  • 10.  RE: Issue with Android Devices

    EMPLOYEE
    Posted Mar 24, 2013 12:53 PM
    @Islam Soliman wrote:
    there is already a case open but it is taking time and thry checked the logs and said they couldn't fine any issue. I will check the certificates again and see. but 1 more thing how to change the name of the certificate that is being pushed to the device "the user certificate" ??? it always shows HP.
    also can tou please tell me how the certificates settings affects the profile that is being pushed and make it not choosing the client certificate that is pushed ? I want to know how this worka maybe I will be able to change something In the config.

    thanks a lot for the help

    The" name" of the certificate usually matches the name of the WLAN that is being pushed.  You can try pushing an additional WLAN at the same time to see if it changes anything.

     

    The certificates setting does not necessarily affect the profile, but if you have "none",  and it works it would reveal a certificate trust issue.

     

    On android, there is not much you can actually change.  Are you using https on the web page to issue onboard certificates or http?