Contributor I

Clearpass machine authentication query


I recently created a couple of user roles in clearpass and controller to assign dynamic VLANs based on user group membership in AD, without creating any rule for machine authentication, on testing I found that am not getting the appropriate VLAN, and when I checked clearpass it shows it's applying a machine authentication role instead of a user role authentication.  I get the appropriate vlan when I connect to the wifi via my iPhone or a different laptop, how do I resolve such issue? as its affecting a couple of users.

Guru Elite

Re: Clearpass machine authentication query

Your problem could be in a number of places.


Do you have "Enforce Machine Authentication" enabled on the Aruba controller?

Do you have any roles or enforcement policies that are tied to machine authentication in ClearPass?  By default ClearPass will report devices that have both passed user and machine authentication without switching roles.

*Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.*
ArubaOS 8.4 User Guide
InstantOS 8.3 User Guide
Airheads Knowledgebase
Airheads Learning Videos
Aruba Central Documentation
Sign up for Security Alerts
Aruba Technical Webinars
Frequent Contributor II

Re: Clearpass machine authentication query

Chek that the clients have "User authentication"



Daniel Méndez Vargas
Contributor I

Re: Clearpass machine authentication query

Not at the minute. But will check the controller settings.

Contributor I

Re: Clearpass machine authentication query

I recognize this, will test that now. Thanks

Search Airheads
Showing results for 
Search instead for 
Did you mean: