We are using VIA (v3.2) for remote access on Windows 10 laptops. We authenticate using User certificates which is working fine.
We have configured domain pre-connect on the VIA client profile so that Users of the VPN can log off and change passwords etc.
The problem is that when Clearpass authenticates the Machine cert. against AD it drops the host/ from the front of the machine name. It appears AD then tries to authenticate the laptop as a user and the authentication fails.
There is also an automatic TIPS role of [User Authenticated] generated.
Using the same machine cert on a WiFi or Wired (both 802.1x) connection Clearpass asks AD to authenticate with the host/ prefix intact and a TIPS role of [Machine Authentication]. This authenticates correctly.
Has anyone any idea why we lose the prefix using VIA.