01-04-2016 08:33 AM
1) if i do include ocsp url in the client cert, is the oscp request sent out by client or the clearpass?
2) if i do not include ocsp url in the client cert, instead i overwrite oscp url from client in the authentication method; is the oscp request sent out by client or the clearpass?
Solved! Go to Solution.
01-04-2016 08:36 AM
2. Clearpass determines (a) If there is an OCSP request (b) If it will choose the client's URL or (c) If it will choose its own..
EAP-TLS clients do not have an ip address until they authenticate, so that traffic cannot come from the client....
Aruba Customer Engineering
Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base
01-04-2016 09:38 AM - edited 01-04-2016 09:40 AM
lets say i have a cluster of CP with different zone (Zone A,B) and i use onboard CA (ZoneA), i will need to allow from zone B data port ip for to zone A OSCP url port 80??