Security

Syazusyazu923 · 2 weeks ago

By using ClearPass, certificate is distributed to clients so that the client can access the network (EAP TLS). Clients can access the network by using distributed certificate. Once a client accessed the network, is there any way to deny that client from accessing the network by making the distributed certificate invalid? Thanks in advance.

airsecxd · 2 weeks ago

Hi Syazusyazu923,

of cause there is a way. Key words are CRL or OCSP.

Greetings

Syazusyazu923 · 2 weeks ago

Thanks!

I will check the information about OCSD in ClearPass!

@airsecxd wrote:
Hi Syazusyazu923,

of cause there is a way. Key words are CRL or OCSP.

Greetings

Syazusyazu923 · 2 weeks ago

Hi. I already configured authentication method to use the tls with ocsp enabled. In the ocsp settings, I inserted the ocsp URL, and successfully revoked the certificate. Unfortunately, I was unable to unrevoked the certificate so that the client can access the network again. Please give me some suggestion or hint. Thanks in advance!

msabin · a week ago

As I understand certificate rules, revoke is one-way. To "unrevoke" you re-issue a new certificate.

--Matthew

if I've helped, please give kudos
if I've provided a solution, please mark the solution so others can find it

airsecxd · a week ago

As msabin stated, you can not "unrevoke".
Your client needs to request and receive a new certificate from the PKI.

Syazusyazu923 · Thursday

Thank you very much!

Syazusyazu923 · Thursday

Again, thanks a lot! Finally got the answer for my question!

Security

Clear Pass certification

Re: Clear Pass certification

Re: Clear Pass certification

Re: Clear Pass certification

Re: Clear Pass certification

Re: Clear Pass certification

Re: Clear Pass certification

Re: Clear Pass certification

Step-by-Step: How to Configure Microsoft IAS Radius Server from Scratch

limiting the number of device s a user can have

MDAC Issues - Failed association

Aruba support LEAP?

Cant find Amigopod sizing Guide.

Aruba Deployment with Firewalls

Remote AP

ap uptime

COTD: Configuring ARM scanning for any client type

COTD: View the 802.1x Authentication Process

WPA-PSK and VLAN assignment via MAC address

Remove wireless profiles on Windows XP machines

Rolling out 802.1x with GTC

VMware Wireless Bridging

Resetting MAC OSX Leopard Wireless

Aruba Instant 6.4.2.6-4.1.1.10 Released 9/28/15

Re: ArubaOS Downloads

Aruba Instant 6.4.2.6-4.1.1.11 Released 11/27/2015

Remote AP Networks

Indoor 802.11n Site Survey and Planning

ClearPass Policy Manager 6.3 User Guide

Lync Over Aruba WiFi

ClearPass Guest 6.4 User Guide

Security

Clear Pass certification

Re: Clear Pass certification

Re: Clear Pass certification

Re: Clear Pass certification

Re: Clear Pass certification

Re: Clear Pass certification

Re: Clear Pass certification

Re: Clear Pass certification

Follow Us