Hi
Yes, the information is correct. Azure AD doesn't have support for legacy authentication methods like EAP-PEAP.
In regards of onboarding, I think Cappalli is talking in a wider meaning, like in the meaning give clients access to the network, not ClearPass Onboard that require an extra license.
You can configure any CA to provision the certificates to your clients with Intune and configure ClearPass to trust this secific CA server. This way you will not need ClearPass Onboard licenses.
------------------------------
Best Regards
Jonas Hammarbäck
ACCX #1335, ACMP, ACDP, ACNSP, ACEP
Aranya AB
------------------------------
Original Message:
Sent: Sep 14, 2022 06:22 AM
From: Emilio Felipe S�nchez Jim�nez
Subject: CLEAR PASS AZURE EAP-PEAP
Hi team,
I read some post about CPPM and Azure integration but, sorry, I still have some doubts.
In our deploy we have cluster CPPM against Microsoft ADs doing 802.1x EAP-PEAP for wireless authentication with the native supplicant from OS , but in the future this ADs will desapear and all the accounts will be in Azure.
I read in old post from Cappalli "Legacy authentication methods are not possible with cloud identity providers. EAP-TLS is your only option." so the only option available seems to be onboarding users with their Azure acounts to use EAP-TLS.
Questions:
- Is still it the only posibility?
- Onboarding needs aditional licenses?
Thanks in advance.
EF