Security

Reply
Highlighted
Contributor II

Connection error by remote desktop in 802.1X - Clearpass

Hi community, I hope you are well.

 

I'm in a testing lab where I have Aruba Access Switch 2930M and a Core Aruba 5406 zl2 switch; I have configured the switch ports as 802.1X in Clearpass as my Radius server according to the Wired Policy Enforcement Solution guide. At the moment of making a remote desktop for 802.1X between 2 PC's that do not have blockages at the level of ACL's, it is connected approx. 2 seconds to the client's desktop and later the client PC of the connection loses its connectivity and the remote connection is lost and in the switch the following "log" appears. What do you think that might be ? I hope you can support me.
Thank you.

 

macAuth1.PNGmacAuth.PNG

 

 

Highlighted
MVP Guru

Re: Connection error by remote desktop in 802.1X - Clearpass

From the logs, it looks like you are returning invalid role/ACL/VLAN/other attributes to the switch. Did you deploy downloadable user roles? Check the content of the roles in that case. Did you deploy local user roles? Verify that you didn't return additional attributes like VLAN that conflict with local user roles.

 

This video may help to troubleshoot. While it is specific for dACL, the troubleshooting should be similar to user-roles.

--
If you have urgent issues, please contact your Aruba partner or Aruba TAC (click for contact details).
Highlighted
Occasional Contributor II

Re: Connection error by remote desktop in 802.1X - Clearpass

Hello 

This is a known issue. 

Microsoft does not allow 802.1x user authentication for remote desktop sessions, as you can check at the below links:

 


https://community.arubanetworks.com/t5/Security/802-1x-EAP-TLS-and-Remote-Desktop-User-Authentication/m-p/41834
https://community.arubanetworks.com/t5/Wireless-and-RF/Windows-Remote-Desktop-and-wireless-clients/td-p/7813

Regards, 

 

Thiago Araujo

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: