Security

 View Only
last person joined: yesterday 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Expand all | Collapse all

ClearPass in Azure - EAP-TLS timeout

This thread has been viewed 9 times
  • 1.  ClearPass in Azure - EAP-TLS timeout

    Posted Sep 04, 2024 07:19 AM

    Anyone know of any issues with ClearPass deployed in Microsoft Azure with EAP-TLS timeouts if the client and CP receive their certificate from an intermediate instead of the root CA. Seems that it might be a MTU sizing issue due to the too big of a cert chain + the inability by Azure to handle UDP correctly (packet reorderning). Moving to radsec might solve this, but then we would lose Central Cloud guest (as an AP can only have 1 radsec server).

    Thanks!



  • 2.  RE: ClearPass in Azure - EAP-TLS timeout

    EMPLOYEE
    Posted Sep 04, 2024 09:58 AM

    Make sure that EAP fragmentation is enabled on the network device and set at a suitably low enough size for network traversal without further fragmentation.



    ------------------------------
    Carson Hulcher, ACEX#110
    ------------------------------