Security

last person joined: 13 hours ago 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

ClearPass and PEAP Password Change

This thread has been viewed 3 times

  • 1.  ClearPass and PEAP Password Change

    Posted Nov 29, 2018 09:26 AM
      |   view attached

    Ciao,

    recently I implemented the scenario where Paloalto GlobalProtect (GP) changes the password for the user authenticating in VPN.

    The protocol used is the PEAP and the password repository is Active Directory.

    The phases during the password change are:

     

    1) CPPM: rlm_mschap: Password must be changed.

    2) GP: PopUp asking to change the password

    3) CPPM: 

    Password Change succeeded.

    authenticating user "username", domain XXX
    rlm_mschap: user "username" authentication failed

    4) GP: PopUp asking to change the password again

    Result: THE PASSWORD has been changed !!!! And it works !!! but with the ClearPass error.

     

    Any Idea?

     

     

    Attachment(s)

    txt
    ccn_cpwd_error (but changed) anonimized.txt   18 KB 1 version