I am busy with clearPass deployment for a client, I have configured all the necessary configuration which need to be done, but when I am testing the following error occur.
The error message you get indicates that the client isn't configured correct.
Verify the following:
Can you post both your settings on the Authentication tab of the 802.1x service and the settings on the client.
What type of clients do you have and how do you configure the clients? Active Directory GPO, Intune, manually or other MDM solution?
Unable to config Microsoft EAP-TEAP authentication on Win11 client. No Microsoft EAP-TEAP, only Microsoft Tunnel EAP (TEAP). Getting following error:
Is a window 11 client, configured in AD GPO
Also just for you to note on ClearPass we have used a wildcard certificate.
In your screenshots you have different authentication methods specified on the client and in ClearPass.
To be able to utilize TEAP you also need to add this method in the Service in ClearPass. It's at the bottom of the drop-down, a bit hard to see as you need to scroll...
Regarding the wildcard certificate mentioned in the separate comment, wildcard should not be utilized as Radius EAP certificate. As HTTPS certificate wildcard can be utilized, but some limitations in use cases may apply when trying to use ClearPass Onboard on Apple iOS devices.
We have added TEAP on the authentication method but we are still get timeout error.
Often the message "Client did not complete EAP transaction" indicates that the client isn't configured correctly. In the TEAP settings you have to configure certificate validation correctly to match the Radius certificate of your ClearPass server.
Screenshots of the remaining TEAP settings may help in finding the issue.
The TEAP settings you want to see is for the client or from ClearPass?
Can you share with me a template with the step on how to configure that, so we can confirm if we have done it correct.
I don't have any documentation to provide for the TEAP configuration, but I think you can find good guidiance from the video posted by Herman Robers on the Airheads Broadcasting channel on Youtube, https://youtu.be/nTHQsBgRjb4?t=257
Pay attention on the certificate validation and CA trust parts
Here is a sample service configuration with TEAP . File password: aruba123
© Copyright 2023 Hewlett Packard Enterprise Development LPAll Rights Reserved.