Security

 View Only
last person joined: 3 days ago 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Expand all | Collapse all

Clearpass Issue

This thread has been viewed 9 times
  • 1.  Clearpass Issue

    Posted Dec 03, 2023 10:27 AM

    Howdy - I had a very strange problem that happened the other day. In Services, I made a copy of our production wifi and set to #28 in the priority list - I made copies of the role map and enforcement so I can have this new 802.1x services all by itself. I'm also using SCEPman with Jamf -- it was working correctly all week and then all of sudden the access tracker stopped showing - couldnt see any connections or rejects at all. So I disabled my service that I created and boyahh access tracker starts showing events again ....has anyone had this happen? 



  • 2.  RE: Clearpass Issue

    EMPLOYEE
    Posted Dec 06, 2023 08:43 AM

    Did you enable an Azure AD (Entra ID) AuthZ as one of your Authentication Sources?

    If so, move it as an Authorization Source. This is a known issue that authentication stops when Azure AD is added as Authentication Source, and I think it has been fixed in the later 6.11.x releases already.



    ------------------------------
    Herman Robers
    ------------------------
    If you have urgent issues, always contact your Aruba partner, distributor, or Aruba TAC Support. Check https://www.arubanetworks.com/support-services/contact-support/ for how to contact Aruba TAC. Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.

    In case your problem is solved, please invest the time to post a follow-up with the information on how you solved it. Others can benefit from that.
    ------------------------------



  • 3.  RE: Clearpass Issue

    Posted Dec 06, 2023 03:13 PM
    Thats exactly what happened. I was using Local AD as the Auth and then changed it to Azure AD -- were running 6.11.3.253363 

    Brian Mitchell (he/him) | Director Of IT

    Dwight School New York

    18 West 89th Street, New York, NY 10024

    212-724-6360 x456 | dwight.edu