Security

last person joined: 22 hours ago 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

802.1X with CPMM for HPE switches

This thread has been viewed 1 times

  • 1.  802.1X with CPMM for HPE switches

    Posted Feb 22, 2017 10:43 AM
      |   view attached

    Hi,
    I got Clearpass which is authenticating login for switches and lan-access for users with 802.1x.

    I got 2 issues. The first is that when I authenticate my login to the switch, the users is allowed on Clearpass but not on my switch. So I do not get any access to it.

    The second is when I try to authenticate machine with 802.1x Wired on my 5130 switch. I got an error on Clearpass which says that there is a timeout.

    See the error in attachment

      
      
      
     

    Thank you for your help,

     

    Raphael,



  • 2.  RE: 802.1X with CPMM for HPE switches

    Posted Feb 22, 2017 12:51 PM

    For the timeout the likely issue is that the client does no trust the certificate that is installed on the ClearPass for RADIUS. Did you install a custom certifiate on ClearPass, or are you using the default self signed?

     

    On the client machine do you get a certificate warning, or have you selected the option to now allow users to bypass an invalid certificate?



  • 3.  RE: 802.1X with CPMM for HPE switches

    Posted Feb 23, 2017 03:37 AM

    No I did not install a certificate on Clearpass.

    On the client, I do not trust server certificate.

    The same configuration is working on Wifi but not on Wired connection.

    I am going to try to install a certificate approved by AD.

     

    For the connection on my switch (HPE 5130). Do you have any idea?