Security

Hi community, I hope you are well.

I'm in a testing lab where I have Aruba Access Switch 2930M and a Core Aruba 5406 zl2 switch; I have configured the switch ports as 802.1X in Clearpass as my Radius server according to the Wired Policy Enforcement Solution guide. At the moment of making a remote desktop for 802.1X between 2 PC's that do not have blockages at the level of ACL's, it is connected approx. 2 seconds to the client's desktop and later the client PC of the connection loses its connectivity and the remote connection is lost and in the switch the following "log" appears. What do you think that might be ? I hope you can support me.
Thank you.

From the logs, it looks like you are returning invalid role/ACL/VLAN/other attributes to the switch. Did you deploy downloadable user roles? Check the content of the roles in that case. Did you deploy local user roles? Verify that you didn't return additional attributes like VLAN that conflict with local user roles.

This video may help to troubleshoot. While it is specific for dACL, the troubleshooting should be similar to user-roles.

Hello 

This is a known issue. 

Microsoft does not allow 802.1x user authentication for remote desktop sessions, as you can check at the below links:

https://community.arubanetworks.com/t5/Security/802-1x-EAP-TLS-and-Remote-Desktop-User-Authentication/m-p/41834
https://community.arubanetworks.com/t5/Wireless-and-RF/Windows-Remote-Desktop-and-wireless-clients/td-p/7813

Regards, 

Thiago Araujo