Security

 View Only
  • 1.  802.1x wired "Request timed out" in CPPM

    Posted 15 days ago

    Hi Team,

    I'm getting "Request timed out", when I credit wrong password. It should be Access Reject.

    I'm checking Authfail test. Please help me in this scenario.



  • 2.  RE: 802.1x wired "Request timed out" in CPPM

    Posted 15 days ago

    Why are you using MSCHAP?



    ------------------------------
    Carson Hulcher, ACEX#110
    ------------------------------



  • 3.  RE: 802.1x wired "Request timed out" in CPPM

    Posted 15 days ago

    Hi, CPPM is new for me, should i remove MSCHAP?




  • 4.  RE: 802.1x wired "Request timed out" in CPPM

    Posted 15 days ago

    If you're setting up an 802.1X service, yes.  The only method in that list that should be valid in any environment is EAP-PEAP.

    For guidance on setting up an 802.1X service in ClearPass, I'd recommend investigating some of the videos available on YouTube as part of the Airheads Broadcasting Channel.



    ------------------------------
    Carson Hulcher, ACEX#110
    ------------------------------



  • 5.  RE: 802.1x wired "Request timed out" in CPPM

    Posted 14 days ago

    Now MSCHAP is not selected and it's showing MSCHAP failed.




  • 6.  RE: 802.1x wired "Request timed out" in CPPM

    Posted 14 days ago

    What are you trying to do?  The configuration you're showing is all over the board with a weird mix of methods and sources.  What are you authenticating?  What method are you trying to use?



    ------------------------------
    Carson Hulcher, ACEX#110
    ------------------------------



  • 7.  RE: 802.1x wired "Request timed out" in CPPM

    Posted 13 days ago

    I'm trying to authenticate through PEAP.  Now if I fill wrong credential than CPPM should be show "reject or auth fail" but CPPM is showing timeout.  




  • 8.  RE: 802.1x wired "Request timed out" in CPPM

    Posted 13 days ago

    If you type in Correct credentials is it working properly? 



    ------------------------------
    Shpat | ACEP | ACMP | ACCP | ACDP |
    -Just an Aruba enthusiast and contributor by cases-
    ------------------------------



  • 9.  RE: 802.1x wired "Request timed out" in CPPM

    Posted 13 days ago

    If i type correct credential than it's working properly.

    I am testing authfail scenario, if I type wrong credential than CPPM should show "Reject or access deny or auth fail" in login Status 




  • 10.  RE: 802.1x wired "Request timed out" in CPPM

    Posted 13 days ago
    Edited by chulcher 13 days ago

    Remove the auth methods other than PEAP.  Remove the auth sources that you aren't actually using, like Endpoints and Admin for sure.

    PEAP/MS-CHAPv2 behavior is to prompt for input again at the supplicant if the credentials are incorrect.  If no input is received from the supplicant then timeout would be the valid reason code.



    ------------------------------
    Carson Hulcher, ACEX#110
    ------------------------------