Security

 View Only
last person joined: yesterday 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

Authetication fail with clearpass- iOS

This thread has been viewed 4 times

  • 1.  Authetication fail with clearpass- iOS

    Posted 13 hours ago

    When iOS device trying to authenticate with clearpass via wifi ,get below error message. What could be the reason. ?

    2024-07-23 15:10:19,755 [HttpModule-ThreadPool-16-0x7f6ffd0d0700 r=R00049aea-06-669fabbb h=142] WARN Util.ParameterizedString - getReplacedStrings: Failed to replace parameString =%{Certificate:Subject-CN}, error=No values for param=Certificate:Subject-CN
    2024-07-23 15:10:19,755 [HttpModule-ThreadPool-16-0x7f6ffd0d0700 r=R00049aea-06-669fabbb h=142] ERROR Http.HttpAutzSession - queryAutzAttributes: Failed to construct path from %{Certificate:Subject-CN}
    2024-07-23 15:10:19,755 2024-07-23 15:10:19,758 [HttpModule-ThreadPool-14-0x7f6ffd4d2700 r=R00049aea-06-669fabbb h=140] WARN Util.ParameterizedString - getReplacedStrings: Failed to replace parameString =%{Certificate:Subject-CN}, error=No values for param=Certificate:Subject-CN
    2024-07-23 15:10:19,758 [HttpModule-ThreadPool-14-0x7f6ffd4d2700 r=R00049aea-06-669fabbb h=140] ERROR Http.HttpAutzSession - queryAutzAttributes: Failed to construct path from %{Certificate:Subject-CN}
    2024-07-23 15:10:19,758 [HttpModule-ThreadPool-14-0x7f6ffd4d2700 r=R00049aea-06-669fabbb h=140] ERROR Http.HttpAutzSession - Failed to get value for attributes=Intune Device Name, Intune ID, Intune User ID]
    2024-07-23 15:10:19,769 [RequestHandler-1-0x7f6f7e3f4700 r=R00049aea-06-669fabbb h=5745290 c=R00049aea-06-669fabbb] WARN Core.PETaskPostAuthEnfProfileBuilder - handleHttpResponseEv: Fetching Radius attributes from battery failed, errMsg=
    2024-07-23 15:10:19,769 [RequestHandler-1-0x7f6f7e3f4700 r=R00049aea-06-669fabbb h=5745290 c=R00049aea-06-669fabbb] INFO Core.PETaskPostAuthEnfProfileBuilder - getApplicableProfiles: No Post auth enforcement profiles applicable for this device
    2024-07-23 15:10:19,769 [RequestHandler-1-0x7f6f7e3f4700 r=R00049aea-06-669fabbb h=5745287 c=R00049aea-06-669fabbb] WARN Core.PETaskRadiusCoAEnfProfileBuilder - handleHttpResponseEv: Fetching Radius attributes from battery failed, errMsg=


  • 2.  RE: Authetication fail with clearpass- iOS

    EMPLOYEE
    Posted 11 hours ago

    Looks like a misconfiguration on the device or on your service/policies. Reason can be close to anything with this limited amount of information. Device does not authenticate with a client certificate (EAP-TLS/TEAP), where the service expects that to check the device in Intune, but that in itself is no reason to not authenticate.

    May be good to work with your Aruba partner or Aruba TAC to check design, configuration, logs, etc.



    ------------------------------
    Herman Robers
    ------------------------
    If you have urgent issues, always contact your Aruba partner, distributor, or Aruba TAC Support. Check https://www.arubanetworks.com/support-services/contact-support/ for how to contact Aruba TAC. Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.

    In case your problem is solved, please invest the time to post a follow-up with the information on how you solved it. Others can benefit from that.
    ------------------------------

    Original Message