Security

last person joined: yesterday 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

Clearpass machine authentication query

This thread has been viewed 1 times

  • 1.  Clearpass machine authentication query

    Posted Aug 20, 2018 09:47 AM

    Hi,

    I recently created a couple of user roles in clearpass and controller to assign dynamic VLANs based on user group membership in AD, without creating any rule for machine authentication, on testing I found that am not getting the appropriate VLAN, and when I checked clearpass it shows it's applying a machine authentication role instead of a user role authentication.  I get the appropriate vlan when I connect to the wifi via my iPhone or a different laptop, how do I resolve such issue? as its affecting a couple of users.



  • 2.  RE: Clearpass machine authentication query

    EMPLOYEE
    Posted Aug 20, 2018 10:09 AM

    Your problem could be in a number of places.

     

    Do you have "Enforce Machine Authentication" enabled on the Aruba controller?

    Do you have any roles or enforcement policies that are tied to machine authentication in ClearPass?  By default ClearPass will report devices that have both passed user and machine authentication without switching roles.



  • 3.  RE: Clearpass machine authentication query

    Posted Aug 20, 2018 12:20 PM

    Not at the minute. But will check the controller settings.



  • 4.  RE: Clearpass machine authentication query
    Best Answer

    Posted Aug 20, 2018 11:44 AM

    Chek that the clients have "User authentication"

     

    Capture.JPG



  • 5.  RE: Clearpass machine authentication query

    Posted Aug 20, 2018 12:21 PM

    I recognize this, will test that now. Thanks