Wireless Access

 View Only
last person joined: yesterday 

Access network design for branch, remote, outdoor, and campus locations with HPE Aruba Networking access points and mobility controllers.
Expand all | Collapse all

IAP witch ClearPass configuration Microsoft SSO login error

This thread has been viewed 24 times
  • 1.  IAP witch ClearPass configuration Microsoft SSO login error

    Posted 15 days ago

    IAP 315 and ClearPass Policy Manager 6.12.0.300732

    MicrosoftEntraID Cloud Identity - Social Media Authentication policy

    Can anyone share their experience with IAP and Microsoft Entra ID verification? When I configure IAP, the Microsoft login page pops up and it says that the certificate does not match and I cannot continue. The AP I manage with MM does not have this verification problem.



  • 2.  RE: IAP witch ClearPass configuration Microsoft SSO login error

    EMPLOYEE
    Posted 15 days ago

    It looks like the Microsoft login page is redirected as part of your captive portal. You should exclude the Entra ID authentication services from redirection. Check here for which domains to exclude.



    ------------------------------
    Herman Robers
    ------------------------
    If you have urgent issues, always contact your Aruba partner, distributor, or Aruba TAC Support. Check https://www.arubanetworks.com/support-services/contact-support/ for how to contact Aruba TAC. Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.

    In case your problem is solved, please invest the time to post a follow-up with the information on how you solved it. Others can benefit from that.
    ------------------------------



  • 3.  RE: IAP witch ClearPass configuration Microsoft SSO login error

    Posted 12 days ago

    Hi Herman,

    Thanks, now I can authenticate via Entra ID, but after successful authentication, I am returned to the ClearPass management window and cannot access the network any further. What other configurations need to be checked?




  • 4.  RE: IAP witch ClearPass configuration Microsoft SSO login error

    EMPLOYEE
    Posted 12 days ago

    What ClearPass Appliciation are you trying to authenticate? Guest? Guest Operator? Policy Manager?

    Without knowing what you try to do and how/what you configured, it's hard to guide further.



    ------------------------------
    Herman Robers
    ------------------------
    If you have urgent issues, always contact your Aruba partner, distributor, or Aruba TAC Support. Check https://www.arubanetworks.com/support-services/contact-support/ for how to contact Aruba TAC. Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.

    In case your problem is solved, please invest the time to post a follow-up with the information on how you solved it. Others can benefit from that.
    ------------------------------



  • 5.  RE: IAP witch ClearPass configuration Microsoft SSO login error

    Posted 6 days ago

    Hi Herman,

    I use ClearPass Guest to provide the authentication page and ClearPass Policy Manager Social Media Authentication to provide the authentication service.




  • 6.  RE: IAP witch ClearPass configuration Microsoft SSO login error

    EMPLOYEE
    Posted 5 days ago

    The configuration that you shared looks correct, so there probably is something wrong in configuration that you have not shared. There is configuration on ClearPass, the AP, the client that all needs to be aligned and in sync.

    I would run a trace in the browser (developer tools) and see/follow the process through the flow to see where it moves away from the expected path and what redirects you back to the ClearPass home page. From there find what is causing the deviation, and that probably is your solution. Your Aruba Partner or Aruba support may be able to assist in there. It's hard to know what is wrong without seeing the process and having full access.



    ------------------------------
    Herman Robers
    ------------------------
    If you have urgent issues, always contact your Aruba partner, distributor, or Aruba TAC Support. Check https://www.arubanetworks.com/support-services/contact-support/ for how to contact Aruba TAC. Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.

    In case your problem is solved, please invest the time to post a follow-up with the information on how you solved it. Others can benefit from that.
    ------------------------------