Security

last person joined: yesterday 

Enterprise security using ClearPass Policy Management, ClearPass Security Exchange, IntroSpect, VIA, 360 Security Exchange, Extensions and Policy Enforcement Firewall (PEF).
Expand all | Collapse all

Clearpass Guest self-certificate issue

  • 1.  Clearpass Guest self-certificate issue

    Posted Dec 28, 2020 11:45 AM

    Dear Arubers,

     

    I am writing to you about a problem encountered on CP server and IAP access points.

    I am configuring ClearPass server and I am having a strange certificate issue. After the automatic redirection to GUEST portal, a certificate error si shown. If we look at the certificate used, we find a certificate issued for « setmeup.arubanetworks.com ».

    However, on access-point, the Default CP server certificate is « securelogin.arubaneworks.com ». On Clearpass configuration, I changed the the HTTPS certificate (with a public authority) and let the GUEST default address « securelogin.arubaneworks.com » 

    So, I don't understand why this message is shown. Could you help me to fin a solution for this issue ?

     

    Thanks for your help :)



    ------------------------------
    J.B
    ------------------------------



  • 2.  RE: Clearpass Guest self-certificate issue

    Posted Dec 29, 2020 01:04 AM

    hi,

    it seems your redirection is not working maybe some wrong config on the iap captive portal profile

    please could you share some screen from the iap



    ------------------------------
    Alper
    ------------------------------



  • 3.  RE: Clearpass Guest self-certificate issue

    Posted Dec 29, 2020 08:23 AM

    Bonjour,

    You need to replace the certificate on IAP (and also change setting on ClearPass (securelogin.arubanetworks.com -> certificate of the IAP)



    ------------------------------
    PowerArubaSW : Powershell Module to use Aruba Switch API for Vlan, VlanPorts, LACP, LLDP...

    PowerArubaCP: Powershell Module to use ClearPass API (create NAD, Guest...)

    PowerArubaCX: Powershell Module to use ArubaCX API (get interface/vlan/ports info)..

    ACEP / ACMX #107 / ACDX #1281
    ------------------------------