02-01-2016 11:51 AM
I am having devices that all of a sudden will not use NAC and it is under one of two conditions.
1. If the device has more than one certificate and one of them is not a client auth or doesn't have email as the subject name or
2. The device has two client auth certificates and one of them is expired.
In both cases there was not an issue for several weeks and then all of a sudden the device stops working.
02-01-2016 11:54 AM
02-01-2016 02:59 PM
Does it reach Clearpass ? If yes, what is the output of this MAC in the access tracker.
If it doesn't you might want to look at 802.1X debugging on the controller which you can find in this document under the 802.1X section : http://community.arubanetworks.com/aruba/attachmen
02-02-2016 05:13 AM
The clients are Windows 7
Yes I understand that the client selects but if the computer has an old Computer Template Certificate all of a sudden clearpass will try and authenticate using that certificate instead of rejecting it and asking for another. Other uses of certificates don't behave this way they understand a particular certificate is expired and asks for another one.
02-02-2016 05:24 AM
02-02-2016 05:26 AM