Security

last person joined: yesterday 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

Clearpass Basic setup

This thread has been viewed 7 times

  • 1.  Clearpass Basic setup

    Posted Nov 16, 2015 10:08 AM

    Hi team

     

    I have a controller and Clearpass.

    I am trying to configure a simple 802.1x network for devices to connect.

     

    I read integration guide 1.3 to integrate controller and clearpass.

     

    Create a local user in Clearpass local DB, but i am getting two kinds of errors:

     

    1. with an android gets

    User authentication failed
    MSCHAP: Authentication failed
    EAP-MSCHAPv2: User authentication failure
     
     
    With windows PC get:
     
    Local User Repository] - localhost: User not found.
    EAP: Client doesn't support configured EAP methods
     
    It seems that something is wrong..

    Could you help?
     

    Regards
     
     


  • 2.  RE: Clearpass Basic setup

    EMPLOYEE
    Posted Nov 16, 2015 10:40 AM

    Attached is a screenshot of my service setup.  I have a user in Identity> Local users that I am authenticating via 802.1x including an external AD server:

     

    basic.png



  • 3.  RE: Clearpass Basic setup

    Posted Nov 16, 2015 10:55 AM
      |   view attached

    Hi cjoseph

     

    mine is like yours , i suppose.

     

    I am not yet authenticated against AD.

     

    Just simple authentication with a local user

     

    Regards

     



  • 4.  RE: Clearpass Basic setup

    EMPLOYEE
    Posted Nov 16, 2015 10:57 AM

    Please compare authentication methods.  You are missing something.



  • 5.  RE: Clearpass Basic setup

    Posted Nov 16, 2015 11:02 AM
      |   view attached

    this is the error trying to connect with android device

     

    Regards

     

     



  • 6.  RE: Clearpass Basic setup

    EMPLOYEE
    Posted Nov 16, 2015 11:07 AM

    You are missing EAP MsChapV2 from your authentication methods.  Please compare my screenshot to yours.

     



  • 7.  RE: Clearpass Basic setup

    Posted Nov 17, 2015 05:07 AM
      |   view attached

    Hi Good Morning cjoseph,

     

    I recheck all settings and they seem now ok , but rejects via a testing android device continue to happen.

     

    Attached some info..

     

    regards

    Attachment(s)

    pdf
    screens 802.1x.pdf   1.06 MB 1 version


  • 8.  RE: Clearpass Basic setup

    Posted Nov 17, 2015 05:50 AM
      |   view attached

    Also one log file from a failure

     

    Regards

    Attachment(s)

    docx
    log_failure.docx   346 KB 1 version


  • 9.  RE: Clearpass Basic setup
    Best Answer

    Posted Nov 19, 2015 04:51 AM
      |   view attached

    Hi

    problem solved

     

    I was missing MAc settings under 802.1x profile in ARUBA Controller.. Errrrrr.

     

    Working ok

     

    Regards

    Attachment(s)

    docx
    802.1x profile.docx   132 KB 1 version


  • 10.  RE: Clearpass Basic setup

    EMPLOYEE
    Posted Nov 19, 2015 06:04 AM
    :(