New Contributor

Onboard - TLS Issues, User not found

Clearpass VA (ESXi) with Onboarding version

so trying to setup onboarding using a single SSID.. 


I have used the wizard to create the necessary services and policies. 

I have then created the necessary networks, CA Server and onboarding profiles. 


I have modified the pre-provisioning Enforcement profile to allow me to authenticate to AD for the PEAP portion of the process. 


I have then tested this with a windows 10 machine, the peap works fine and i can get to the onboarding page and download the software. I can run the software and get a Certificate installed (under the user's Certificate store) and the computer gets configured to then connect using TLS.


But the TLS Authentication fails with the error message

Error Code: 201
Error Category: Authentication failure
Error Message: User not found
 Alerts for this Request  
[Onboard Devices Repository] - localhost: User not found.
[Guest User Repository] - localhost: User not found.
EAP-TLS: Authentication failure, unknown user


I have looked under onboard and the user is registered and the device is registered as well.. 


What am i missing...

Guru Elite

Re: Onboard - TLS Issues, User not found

Make sure your identity store is added as an authentication source.


Also, dual SSID onboarding is recommended in most cases.

Tim Cappalli | Aruba Security TME
@timcappalli | | ACMX #367 / ACCX #480
Search Airheads
Showing results for 
Search instead for 
Did you mean: