Security

Hello,

I have come across a situation where windows recently updated and within the Windows 11 22h2 & 23h2 latest update. There is authentication EAP-TLS 1.3 which is on by default, from my gathering currently. I on the other hand also know that ClearPass cannot authenticate devices yet with EAP-TLS 1.3. Is there any way to bypass this and allow ClearPass to authenticate devices again? Anything helps, thanks.

The devices should fail back to TLS 1.2 though.   Is there a GPO or some other mechanism that is enforcing TLS 1.3 for EAP?  What EAP type are you using?  

Hello,

I have come across a situation where windows recently updated and within the Windows 11 22h2 & 23h2 latest update. There is authentication EAP-TLS 1.3 which is on by default, from my gathering currently. I on the other hand also know that ClearPass cannot authenticate devices yet with EAP-TLS 1.3. Is there any way to bypass this and allow ClearPass to authenticate devices again? Anything helps, thanks.

EAP-TLS 1.2 and 1.3 are currently both on for any device. Is there anything to check to make sure that it is supposed to fall back, that I have mis checked?  The EAP types are in use TLS and PEAP.

The devices should fail back to TLS 1.2 though.   Is there a GPO or some other mechanism that is enforcing TLS 1.3 for EAP?  What EAP type are you using?  

Hello,

I have come across a situation where windows recently updated and within the Windows 11 22h2 & 23h2 latest update. There is authentication EAP-TLS 1.3 which is on by default, from my gathering currently. I on the other hand also know that ClearPass cannot authenticate devices yet with EAP-TLS 1.3. Is there any way to bypass this and allow ClearPass to authenticate devices again? Anything helps, thanks.

EAP-TLS 1.2 and 1.3 are currently both on for any device. Is there anything to check to make sure that it is supposed to fall back, that I have mis checked?  The EAP types are in use TLS and PEAP.

The devices should fail back to TLS 1.2 though.   Is there a GPO or some other mechanism that is enforcing TLS 1.3 for EAP?  What EAP type are you using?  

Hello,

I have come across a situation where windows recently updated and within the Windows 11 22h2 & 23h2 latest update. There is authentication EAP-TLS 1.3 which is on by default, from my gathering currently. I on the other hand also know that ClearPass cannot authenticate devices yet with EAP-TLS 1.3. Is there any way to bypass this and allow ClearPass to authenticate devices again? Anything helps, thanks.

Hello,

I have come across a situation where windows recently updated and within the Windows 11 22h2 & 23h2 latest update. There is authentication EAP-TLS 1.3 which is on by default, from my gathering currently. I on the other hand also know that ClearPass cannot authenticate devices yet with EAP-TLS 1.3. Is there any way to bypass this and allow ClearPass to authenticate devices again? Anything helps, thanks.