03-23-2015 02:14 PM
Current environment has NPS server and Cisco WLC. Installed Aruba 7200 controllers and ClearPass. Installed the a radius certificate from the same windows CA server that signed the certificate for NPS. Users on the old Cisco / NPS environment with OSX dont get prompted to trust the NPS server certificate. When testing dot1x on new Aruba / ClearPass environment users get prompted to trust ClearPass certificate even though both NPS/ClearPass certs were signed by the same root CA. I am not a MAC person! Any ideas?
03-23-2015 03:35 PM
So we duplicated the settings from the WLC on the Aruba solution and on the windows side everything is so matched up that we didnt even need to change the GPO pushing the WiFi settings to the windows computer so I can safely say the setting must be pretty good. On the mac side we tried taking an existing machine to a part of the building that doesnt have the Cisco and only the Aruba and we get the error to trust the cert. We also get the error when we delete the profile and recreate it. It seems that the mac is not living up to the always trust this certificate setting when checked.
03-23-2015 03:43 PM
But after duplicating the settings, you were still pointing at ClearPass with a new cert correct?
Do you by chance have termination enabled in the 802.1X profile?
In ClearPass access tracker, is there an alerts tab for the authentication request?