Security

last person joined: yesterday 

Enterprise security using ClearPass Policy Management, ClearPass Security Exchange, IntroSpect, VIA, 360 Security Exchange, Extensions and Policy Enforcement Firewall (PEF).
Expand all | Collapse all

Strange VIA client issue

This thread has been viewed 12 times
  • 1.  Strange VIA client issue

    Posted Mar 04, 2020 03:02 PM

    Hi all,

     

    Got a new Windows 10 build I’m sorting out. I’ve put the latest VIA software on it for our VPN solution. 

    connects fine and seems to work ok; however, sometimes when it looses connection it then wants to confirm want certificate to use. 

    So we use user certificate for authentication onto our solution with a 7210 controller and Clearpass. 

    worse still, when it asks you to confirm the cert, it then freezes and makes you re download the whole profile again. 

    anyone else seen this? Is it something to do with our laptop build or is there a bug in latest VIA?

     

    to confirm; this happens on the odd occasion where the connection has been lost and the only way to fix is to download the profile again and start from the beginning. 

    thanks 



  • 2.  RE: Strange VIA client issue

    Posted Mar 06, 2020 09:45 AM

    I’ve narrowed this down to a certificate criteria issue in the profile. 

    now I’ve added a certificate criteria option in the VIA settings that look for a particular field in the certificate. However when we test it, it still shows us all our certificates instead of narrowing it down to the criteria I’ve entered

     

    anybody else seen this?



  • 3.  RE: Strange VIA client issue

    Posted Mar 07, 2020 12:55 PM

    Bit more info for this

     

    We can see from the laptop logs, that the value we enter in the cert criteria field is being seen. But it’s like the value is being ignored. 

    The field to filter on is certicateIssuer=“name here”

     

    did it in quotation marks as it has spaces in there. 

    Also, when the VIA client loads on the LAN ... it says untrusted network and launches a VPN connection internally on our network.  I can see the HTTPs / 443 connection is getting to our controller internally; but it still thinks the network is untrusted. Any ideas why?



  • 4.  RE: Strange VIA client issue

    Posted Oct 18, 2021 10:28 AM
    Hello,

    Did you ever find a solution to the certificate criteria not working?  I am also trying to use certicateIssuer="name", but it doesn't seem to use it.  I can see it being set correctly in the client logs, like you. 

    Thank you,

    ------------------------------
    Jeremy Lasher
    ------------------------------