Security

 View Only
last person joined: yesterday 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

VIA unable to download profile with client certificate authentication

This thread has been viewed 20 times

  • 1.  VIA unable to download profile with client certificate authentication

    Posted Oct 14, 2020 03:27 PM

    We have EAP-TLS VIA working but I'd like the users to be able to download the profile with client certificates instead of username/password (so that we wouldn't have to put password in the installation scripts...). I've added tcp/8085 in the controller whitelist and selected the option to use client certs in connection profile, but I'm only getting "Profile selection canceled" when I try to connect to the VPNC and download the profile. It's Central managed VPNC.

     

    Anyone had similar issues?



  • 2.  RE: VIA unable to download profile with client certificate authentication

    Posted Nov 05, 2020 02:31 AM
    Yes, the very same issue here as well. I was struggling with this, took packet captures and monitored controller logs and datapath. Verified VIA was trying to reach controller using 8085 but since it's encrypted I wasn't able to dig into the details. Aruba TAC told me it's a bug and engineering is working on it. Unfortunately I don't have any clue when the fix is available...


    Original Message


  • 3.  RE: VIA unable to download profile with client certificate authentication

    EMPLOYEE
    Posted Nov 09, 2020 03:41 AM
    Hi.

    Did you guys test the 4.0.3 VIA client.
    It includes some fixes to downloading profiles.

    https://www.arubanetworks.com/techdocs/VIA/4x/Content/RNs/via-403.htm


    ------------------------------
    Tom Roholm
    ------------------------------

    Original Message