Security

last person joined: 29 minutes ago 

Enterprise security using ClearPass Policy Management, ClearPass Security Exchange, IntroSpect, VIA, 360 Security Exchange, Extensions and Policy Enforcement Firewall (PEF).

Windows 7 devices(some) failing PEAP with error code 215

  • 1.  Windows 7 devices(some) failing PEAP with error code 215

    Posted Apr 27, 2017 09:39 AM

    We installed a new certificate in Clearpass 6.6.3 server but had to back it out because 30 out of 1000's of clinical workstations were failing PEAP authentication with error code 215.

     

    Some info about new cert:

    -Addtrust Root Authority same as old certificate but 2 extra intermediates that had to be added to Clearpass trust list.

    -1 cert with "generic" CN and multiple SANs used for 3 servers. SANs exactly match server names/dns.

     

    Windows clients configured via GPO, that has Addtrust server checked. 1000's working properly, 30 failing.

     

    A "rebuild" of one of the failing devices solved the issue by is time consuming. What could be missing from the other problematic devices? Corrupt cert store?