Wireless Access

 View Only
  • 1.  IAP witch ClearPass configuration Microsoft SSO login error

    Posted Jul 08, 2024 10:13 AM

    IAP 315 and ClearPass Policy Manager 6.12.0.300732

    MicrosoftEntraID Cloud Identity - Social Media Authentication policy

    Can anyone share their experience with IAP and Microsoft Entra ID verification? When I configure IAP, the Microsoft login page pops up and it says that the certificate does not match and I cannot continue. The AP I manage with MM does not have this verification problem.



  • 2.  RE: IAP witch ClearPass configuration Microsoft SSO login error

    Posted Jul 08, 2024 10:16 AM

    It looks like the Microsoft login page is redirected as part of your captive portal. You should exclude the Entra ID authentication services from redirection. Check here for which domains to exclude.



    ------------------------------
    Herman Robers
    ------------------------
    If you have urgent issues, always contact your Aruba partner, distributor, or Aruba TAC Support. Check https://www.arubanetworks.com/support-services/contact-support/ for how to contact Aruba TAC. Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.

    In case your problem is solved, please invest the time to post a follow-up with the information on how you solved it. Others can benefit from that.
    ------------------------------



  • 3.  RE: IAP witch ClearPass configuration Microsoft SSO login error

    Posted Jul 10, 2024 11:59 PM

    Hi Herman,

    Thanks, now I can authenticate via Entra ID, but after successful authentication, I am returned to the ClearPass management window and cannot access the network any further. What other configurations need to be checked?




  • 4.  RE: IAP witch ClearPass configuration Microsoft SSO login error

    Posted Jul 11, 2024 11:06 AM

    What ClearPass Appliciation are you trying to authenticate? Guest? Guest Operator? Policy Manager?

    Without knowing what you try to do and how/what you configured, it's hard to guide further.



    ------------------------------
    Herman Robers
    ------------------------
    If you have urgent issues, always contact your Aruba partner, distributor, or Aruba TAC Support. Check https://www.arubanetworks.com/support-services/contact-support/ for how to contact Aruba TAC. Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.

    In case your problem is solved, please invest the time to post a follow-up with the information on how you solved it. Others can benefit from that.
    ------------------------------



  • 5.  RE: IAP witch ClearPass configuration Microsoft SSO login error

    Posted Jul 17, 2024 08:18 AM

    Hi Herman,

    I use ClearPass Guest to provide the authentication page and ClearPass Policy Manager Social Media Authentication to provide the authentication service.




  • 6.  RE: IAP witch ClearPass configuration Microsoft SSO login error

    Posted Jul 18, 2024 05:47 AM

    The configuration that you shared looks correct, so there probably is something wrong in configuration that you have not shared. There is configuration on ClearPass, the AP, the client that all needs to be aligned and in sync.

    I would run a trace in the browser (developer tools) and see/follow the process through the flow to see where it moves away from the expected path and what redirects you back to the ClearPass home page. From there find what is causing the deviation, and that probably is your solution. Your Aruba Partner or Aruba support may be able to assist in there. It's hard to know what is wrong without seeing the process and having full access.



    ------------------------------
    Herman Robers
    ------------------------
    If you have urgent issues, always contact your Aruba partner, distributor, or Aruba TAC Support. Check https://www.arubanetworks.com/support-services/contact-support/ for how to contact Aruba TAC. Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.

    In case your problem is solved, please invest the time to post a follow-up with the information on how you solved it. Others can benefit from that.
    ------------------------------