Looks like a misconfiguration on the device or on your service/policies. Reason can be close to anything with this limited amount of information. Device does not authenticate with a client certificate (EAP-TLS/TEAP), where the service expects that to check the device in Intune, but that in itself is no reason to not authenticate.
May be good to work with your Aruba partner or Aruba TAC to check design, configuration, logs, etc.
------------------------------
Herman Robers
------------------------
If you have urgent issues, always contact your Aruba partner, distributor, or Aruba TAC Support. Check
https://www.arubanetworks.com/support-services/contact-support/ for how to contact Aruba TAC. Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.
In case your problem is solved, please invest the time to post a follow-up with the information on how you solved it. Others can benefit from that.
------------------------------
Original Message:
Sent: Jul 23, 2024 09:33 AM
From: manurangas
Subject: Authetication fail with clearpass- iOS
When iOS device trying to authenticate with clearpass via wifi ,get below error message. What could be the reason. ?
2024-07-23 15:10:19,755 | [HttpModule-ThreadPool-16-0x7f6ffd0d0700 r=R00049aea-06-669fabbb h=142] WARN Util.ParameterizedString - getReplacedStrings: Failed to replace parameString =%{Certificate:Subject-CN}, error=No values for param=Certificate:Subject-CN | |
2024-07-23 15:10:19,755 | [HttpModule-ThreadPool-16-0x7f6ffd0d0700 r=R00049aea-06-669fabbb h=142] ERROR Http.HttpAutzSession - queryAutzAttributes: Failed to construct path from %{Certificate:Subject-CN} | |
2024-07-23 15:10:19,755 | 2024-07-23 15:10:19,758 | [HttpModule-ThreadPool-14-0x7f6ffd4d2700 r=R00049aea-06-669fabbb h=140] WARN Util.ParameterizedString - getReplacedStrings: Failed to replace parameString =%{Certificate:Subject-CN}, error=No values for param=Certificate:Subject-CN |
| 2024-07-23 15:10:19,758 | [HttpModule-ThreadPool-14-0x7f6ffd4d2700 r=R00049aea-06-669fabbb h=140] ERROR Http.HttpAutzSession - queryAutzAttributes: Failed to construct path from %{Certificate:Subject-CN} |
| 2024-07-23 15:10:19,758 | [HttpModule-ThreadPool-14-0x7f6ffd4d2700 r=R00049aea-06-669fabbb h=140] ERROR Http.HttpAutzSession - Failed to get value for attributes=Intune Device Name, Intune ID, Intune User ID] |
2024-07-23 15:10:19,769 | [RequestHandler-1-0x7f6f7e3f4700 r=R00049aea-06-669fabbb h=5745290 c=R00049aea-06-669fabbb] WARN Core.PETaskPostAuthEnfProfileBuilder - handleHttpResponseEv: Fetching Radius attributes from battery failed, errMsg= |
2024-07-23 15:10:19,769 | [RequestHandler-1-0x7f6f7e3f4700 r=R00049aea-06-669fabbb h=5745290 c=R00049aea-06-669fabbb] INFO Core.PETaskPostAuthEnfProfileBuilder - getApplicableProfiles: No Post auth enforcement profiles applicable for this device |
2024-07-23 15:10:19,769 | [RequestHandler-1-0x7f6f7e3f4700 r=R00049aea-06-669fabbb h=5745287 c=R00049aea-06-669fabbb] WARN Core.PETaskRadiusCoAEnfProfileBuilder - handleHttpResponseEv: Fetching Radius attributes from battery failed, errMsg= |