You mention "too many redirects" message. This typically means the user role does not have access to ClearPass; thus the attempt is in a redirection loop.
You'll need to allow http/https to your ClearPass IP while the user is in the logon-role for your network:
Create a netdestination for your CPPM server(s)
netdestination clearpass-servers
host x.x.x.x
Allow http/https to this netdestination within the logon role
user alias clearpass-servers svc-http permit
user alias clearpass-servers svc-https permit