Security

 View Only
last person joined: yesterday 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Expand all | Collapse all

ClearPass Guest - Operator Login - Failing in 6.11?

This thread has been viewed 10 times
  • 1.  ClearPass Guest - Operator Login - Failing in 6.11?

    Posted Feb 20, 2024 04:05 AM

    Wondering if there is a change of behaviour in 6.11 that is in play here, but I'm struggling to the Guest Operator Logins working with an external auth source (in this case AD).

    As usual, I've copied the existing [Guest Operator Logins] policy and created my own role mapping and enforcement policies.

    When I go to login, Access Tracker is showing an 'ACCEPT' but Event Viewer and the Guest Application Log are reporting  'Login Failed' and 'Failed operator login attempt'.

    I'm successfully using a custom service  to login to policy manager itself using the same AD, and I can login to Guest using the built in admin account, or another test admin account.

    Has anyone else got a working configuration from 6.11?



  • 2.  RE: ClearPass Guest - Operator Login - Failing in 6.11?

    Posted Feb 20, 2024 04:10 AM

    Hi

    Yes, I have successfully created Guest Operator Login services in 6.11, with the same process as you have described.



    ------------------------------
    Best Regards
    Jonas Hammarbäck
    MVP Guru 2024, ACEX, ACDX #1600, ACCX #1335, ACX-Network Security, Aruba SME, ACMP, ACSA
    Aranya AB
    If you find my answer useful, consider giving kudos and/or mark as solution
    ------------------------------



  • 3.  RE: ClearPass Guest - Operator Login - Failing in 6.11?
    Best Answer

    EMPLOYEE
    Posted Feb 20, 2024 04:12 AM

    Have not heard any issues around this, and just tested with operator in AD, and that just works.

    Did you return a valid Operator Role in Application:admin_privileges?



    ------------------------------
    Herman Robers
    ------------------------
    If you have urgent issues, always contact your Aruba partner, distributor, or Aruba TAC Support. Check https://www.arubanetworks.com/support-services/contact-support/ for how to contact Aruba TAC. Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.

    In case your problem is solved, please invest the time to post a follow-up with the information on how you solved it. Others can benefit from that.
    ------------------------------



  • 4.  RE: ClearPass Guest - Operator Login - Failing in 6.11?

    Posted Feb 20, 2024 04:58 AM

    Thanks Herman,

    The logs were also saying the same thing:

    See if you can spot my mistake :P

    Fixed by updating to this: