Security

last person joined: 20 hours ago 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

Issues installing root cert and profile during Clearpass Onboard process

This thread has been viewed 1 times

  • 1.  Issues installing root cert and profile during Clearpass Onboard process

    Posted May 01, 2018 04:08 PM

    Good Afternoon,


    We recently upgraded to Clearpass 6.6.9 and since then I've had some issues with onboarding iOS devices.  First step is to install the root certificate to my device.  When I click on that to install, it opens a screen that has a bunch of gibberish on it, like it's opening the cert rather than installing it to the device.  This happens for both the root cert and the profile installation.

     

    Please see the photo below.

     

     InkedIMG_3939_LI.jpg



  • 2.  RE: Issues installing root cert and profile during Clearpass Onboard process

    EMPLOYEE
    Posted May 01, 2018 04:49 PM
    You need to bypass the Apple CNA for Onboard.


  • 3.  RE: Issues installing root cert and profile during Clearpass Onboard process

    Posted May 01, 2018 05:28 PM

    Thanks Tim, 

     

    Is there a way to do this without bypassing it for our guest access?  Currently we access the onboarding pages through our guest SSID.  We had some issues with it not redirecting to the guest registration page when using a normal browser, the CNA works much better for that.


    Thanks!



  • 4.  RE: Issues installing root cert and profile during Clearpass Onboard process

    EMPLOYEE
    Posted May 01, 2018 05:31 PM
    Unfortunately, no. The device vendors don’t allow downloads in the captive portal mini-browsers.


  • 5.  RE: Issues installing root cert and profile during Clearpass Onboard process

    Posted May 01, 2018 09:45 PM

    Hi Tim,

     

    Sorry to hijack the thread.. Is there anything similar to bypass CNA for Android devices or the only option is to manually whitelist the entries android use to test intenret connection?



  • 6.  RE: Issues installing root cert and profile during Clearpass Onboard process

    EMPLOYEE
    Posted May 01, 2018 10:03 PM
    The whitelist required for the Onboard process also bypasses the Android captive portal mini-browser.