Wireless Access

Reply
Occasional Contributor I
Posts: 6
Registered: ‎11-01-2016

Guest Smtp authentication failure [SMTP: STARTTLS failed (code: 220)

Hi all

 

my problem is smtp auth. failure in guest service.  

under the "ClearPass Guest>Configuration>Receipts>Email receipt>Test Mail Settings"

generates the above SMTP:STARTTLS Fail code

(authentication failure [SMTP: STARTTLS failed (code: 220, response: 2.0.0 Ready to start TLS)] error message.)

 

ClearPass Policy Manager>Administration>External Servers>Messaging Setup>Send Test Email

successfully sends a message

 

running cppm version is 6.6.0.  

 

do you have experience with the subject? 

Aruba Employee
Posts: 1
Registered: ‎08-12-2015

Re: Guest Smtp authentication failure [SMTP: STARTTLS failed (code: 220)

Hi,

 

It is expected beahvior with 6.6.X versions if you have username and password fields mentioned in messaging setup in policy manager.

When SMTP server supports TLS and when we have username and password fields mentioned in messaging setup, guest module will always initiate the TLS connection. 

 

In order to complete this TLS transaction wither you could import the SSL certificate of SMTP server in trust list or you could disable TLS support on SMTP server.

 

Regards,

Pranav

Occasional Contributor I
Posts: 6
Registered: ‎11-01-2016

Re: Guest Smtp authentication failure [SMTP: STARTTLS failed (code: 220)

thanks for reply pranav, 

 

Our customers have upgraded themselves to 6.6 directly from cppm version 6.3. And it has begun to come out of possible errors from this process.

         .They get an error during  .1x authentication. The cppm access tracker also has AD pipe broken errors.

          At the same time, policy manager smtp settings are correct and test mail is being sent even though the  ,  do not send a mail to the guest service the   .  "smtp auth. Failed starttls " errors exist in Guest application logs  

 

So I want to rebuild it.

       My question is actually to use the factory default  with the "cluster reset-database" command over cli because They use the hardware appliance then Config. and database will remove and will open the 6.6 version again. or Does it fall in the old default version?

 

or; Again on the cli I see the 6.5 version of the  system boot-image list command. What gives me to use this command.?

 

thanks.

regards

murat

Occasional Contributor I
Posts: 6
Registered: ‎11-01-2016

Re: Guest Smtp authentication failure [SMTP: STARTTLS failed (code: 220)

Problem solved with downgrade 6.5.x version

 

thanks 

 

New Contributor
Posts: 1
Registered: ‎08-06-2012

Re: Guest Smtp authentication failure [SMTP: STARTTLS failed (code: 220)

We also encountered this issue. We searched the ClearPass Guest User Guide and found no mention of this "expected behavior".  Found it extremely frustrating that doing a test under ClearPass Policy Manager -> Messaging Setup worked, security set to None but username/password filled in, while testing under ClearPass Guest - SMTP Services failed because of "STARTTLS failed" even though CPPM messaging securty was set to none.

 

Please make both Policy Manager and Guest work the same, and optional include this expected behavior in your guide.

 

Thanks!

Search Airheads
Showing results for 
Search instead for 
Did you mean: