If you can't do MDM to deploy your certificates, you could consider Onboard with MFA authorization. If you check the Onboard and Cloud Identity providers document available at
arubanetworks.com/clearpassdocs, you may be able to make the same work with Entrust assuming they support SAML2 or OAuth.
------------------------------
Herman Robers
------------------------
If you have urgent issues, always contact your Aruba partner, distributor, or Aruba TAC Support. Check
https://www.arubanetworks.com/support-services/contact-support/ for how to contact Aruba TAC. Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.
In case your problem is solved, please invest the time to post a follow-up with the information on how you solved it. Others can benefit from that.
------------------------------
Original Message:
Sent: Jan 10, 2022 06:45 PM
From: Mathew George
Subject: ClearPass 802.1X Auth with MFA (Entrust)
As mentioned by Eliasz, one way is to redirect users to a captive portal page after 802.1x and then performing 2FA auth. Doing this for every auth would result in poor UX. I have seen this implemented in a way where 2FA is required after every X-hours.
------------------------------
Mathew George
Original Message:
Sent: Jan 10, 2022 04:55 AM
From: Alberto Miras Gil
Subject: ClearPass 802.1X Auth with MFA (Entrust)
Hi everyone,
I'm trying to implement a MFA Auth (with Entrust) using 802.1X in ClearPass. I've seen that it's only have been natively implemented with DUO and GoVerifID.
Any recommendations about how to perform this integration with Entrust? I've found zero documentation about it.
Is it recommended (for the UX for example) to perform MFA with 802.1X?
Any help or advice would be appreciated!
Thanks in advance!
A.
------------------------------
Alberto Miras Gil
------------------------------