Local User Repository is fine, in fact, I recently found out that when using EAP-TLS without authorization, you can even leave the authentication sources empty. But before, I just put in something like Local Users or Endpoint Repository, as it is not used anyway.
------------------------------
Herman Robers
------------------------
If you have urgent issues, always contact your Aruba partner, distributor, or Aruba TAC Support. Check
https://www.arubanetworks.com/support-services/contact-support/ for how to contact Aruba TAC. Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.
------------------------------
Original Message:
Sent: Apr 07, 2021 05:07 AM
From: Sebastian Johansen
Subject: setup epa-tls with oscp but no auth source on clearpass
Thanks, removed the authorization required now.
On the service part, which authentication sources should we have? Currently is sat to "local user repository"
------------------------------
Sebastian Johansen
Original Message:
Sent: Apr 07, 2021 03:23 AM
From: Herman Robers
Subject: setup epa-tls with oscp but no auth source on clearpass
Most important step is to create a new EAP-TLS Authentication method that has Authorization disabled (and OCSP enabled). The Authorization required option controls if a check is done to an authentication source.
------------------------------
Herman Robers
------------------------
If you have urgent issues, always contact your Aruba partner, distributor, or Aruba TAC Support. Check https://www.arubanetworks.com/support-services/contact-support/ for how to contact Aruba TAC. Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.
Original Message:
Sent: Apr 07, 2021 01:23 AM
From: Sebastian Johansen
Subject: setup epa-tls with oscp but no auth source on clearpass
Oh how about that, you don't have an step by step setup for this? Fiarly new to clearpass
------------------------------
Sebastian Johansen
Original Message:
Sent: Apr 06, 2021 10:18 AM
From: Tim C
Subject: setup epa-tls with oscp but no auth source on clearpass
Yes, this is the most common deployment.
------------------------------
Tim C
Original Message:
Sent: Apr 06, 2021 05:51 AM
From: Sebastian Johansen
Subject: setup epa-tls with oscp but no auth source on clearpass
Hi
Anyone done this before? We only want clearpass to check if cert is OK
------------------------------
Sebastian Johansen
------------------------------