Hi:
I'm having a few problems with our new 802.1x rollout. I'm using Clearpass with 3400 controllers.
Users are getting blacklisted after one failed authentication. This could happen if they roam between controllers, or if an AD auth fails for some reason.
Can someone comment on best practices in setting up blacklisting? Do I need to use it at all?
I'm guessing that there's some interaction between blacklisting and users getting locked out of AD during a password change?
What are other gotchas?
Can I blacklist some networks and not others, or at least have different settings?
My current setup is unusable.
Thanks for the help,
Tony
#3400