Security

Reply
Contributor I

Users connect when cert is revoked

Hi,

 

 I`m implementing an onboard solution. Since I need to create the certs manually, I install them on the PC but when revoke que cert on the clearpass, the users can still get into the networks, but it does not happen when use the quickconnect.

Re: Users connect when cert is revoked

Are you using OCSP Validation ?
Thank you

Victor Fabian
Lead Mobility Engineer @ Integration Partners
AMFX | ACMX | ACDX | ACCX | CWAP | CWDP | CWNA
Guru Elite

Re: Users connect when cert is revoked

Are you using the same CA for the manual devices and the Onboarded devices?

Tim Cappalli | Aruba Security TME
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
Contributor I

Re: Users connect when cert is revoked

Hi
I'm not using ocsp validation.
:
:
And using the same CA for both.. the idea is just to generate manual certs.
Guru Elite

Re: Users connect when cert is revoked

You need to use OCSP. That is how the authentication process validates the
validity of the certificate.

Tim Cappalli | Aruba Security TME
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
Contributor I

Re: Users connect when cert is revoked

You mean, I need to use tjis on the auth method? Or activate that on the onboard CA?
Guru Elite

Re: Users connect when cert is revoked

[EAP TLS With OCSP Enabled] should work.

Tim Cappalli | Aruba Security TME
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
Contributor I

Re: Users connect when cert is revoked

I set the [EAP TLS With OCSP Enabled] on the service but now no users can connect even when the cert is not revoked.

Guru Elite

Re: Users connect when cert is revoked

Please provide an access tracker dashboard details export.

Tim Cappalli | Aruba Security TME
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
Contributor I

Re: Users connect when cert is revoked

Attach 2 files.. 

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: