Security

Reply
New Contributor
Posts: 1
Registered: ‎05-29-2017

Onboard - TLS Issues, User not found

[ Edited ]

Clearpass VA (ESXi) with Onboarding version 6.6.5.93747

so trying to setup onboarding using a single SSID.. 

 

I have used the wizard to create the necessary services and policies. 

I have then created the necessary networks, CA Server and onboarding profiles. 

 

I have modified the pre-provisioning Enforcement profile to allow me to authenticate to AD for the PEAP portion of the process. 

 

I have then tested this with a windows 10 machine, the peap works fine and i can get to the onboarding page and download the software. I can run the software and get a Certificate installed (under the user's Certificate store) and the computer gets configured to then connect using TLS.

 

But the TLS Authentication fails with the error message

Error Code: 201
Error Category: Authentication failure
Error Message: User not found
 Alerts for this Request  
RADIUS
[Onboard Devices Repository] - localhost: User not found.
[Guest User Repository] - localhost: User not found.
EAP-TLS: Authentication failure, unknown user

 

I have looked under onboard and the user is registered and the device is registered as well.. 

 

What am i missing...

Guru Elite
Posts: 8,761
Registered: ‎09-08-2010

Re: Onboard - TLS Issues, User not found

Make sure your identity store is added as an authentication source.

 

Also, dual SSID onboarding is recommended in most cases.


Tim Cappalli | Aruba Security TME
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
Search Airheads
Showing results for 
Search instead for 
Did you mean: