In that case, the pre-requisites seem fine, and issue can be in client configuration, ClearPass configuration or in between.
Did you find/follow the TEAP Configuration Guide, and/or this video on TEAP (note that the video suggests to disable anonymous authentication, but that doesn't work anymore but with anonymous authentication it should work as well).
In general, most issues I see are: client doesn't trust the server certificate (either root CA or servername/domain missing in client), client doesn't know which credentials to use (when multiple client certificates are present), or the mentioned fragmentation (which should occur with EAP-TLS as well).
Your Aruba partner or TAC may be able to check the (detailed) logs and see where the authentication stops.
------------------------------
Herman Robers
------------------------
If you have urgent issues, always contact your Aruba partner, distributor, or Aruba TAC Support. Check
https://www.arubanetworks.com/support-services/contact-support/ for how to contact Aruba TAC. Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.
In case your problem is solved, please invest the time to post a follow-up with the information on how you solved it. Others can benefit from that.
------------------------------
Original Message:
Sent: Aug 02, 2024 03:47 PM
From: SK_1989
Subject: Getting Radius timeout error TEAP authentication
Hi Herman,
Noted on this. For our case the same client working fine for EAP-TLS.
Thank you
SK
Original Message:
Sent: 8/2/2024 10:13:00 AM
From: Herman Robers
Subject: RE: Getting Radius timeout error TEAP authentication
Can also be an issue with the client configuration, where the radius server trust is not set correctly, or there is no client certificate, or the end user is prompted for credentials (user/pass or certificate). Does the same client work with EAP-TLS?
------------------------------
Herman Robers
------------------------
If you have urgent issues, always contact your Aruba partner, distributor, or Aruba TAC Support. Check https://www.arubanetworks.com/support-services/contact-support/ for how to contact Aruba TAC. Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.
In case your problem is solved, please invest the time to post a follow-up with the information on how you solved it. Others can benefit from that.
Original Message:
Sent: Aug 01, 2024 09:23 AM
From: SK_1989
Subject: Getting Radius timeout error TEAP authentication
Hello All,
We are trying to apply new TEAP authentication in our environment, Configuration done on both CPPM and end points but it's not working.
Getting Timeout error in access tracker logs. Any suggestions to fix this?
Thank you
SK