Security

last person joined: 8 hours ago 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

EAP-TLS without onboarding licenses

This thread has been viewed 4 times

  • 1.  EAP-TLS without onboarding licenses

    Posted Oct 18, 2019 10:02 AM

    Dear Experts, 

     

    One of the customer is exploring the option of using certificate based authentication. Is it possible to do certificate management from Active directory CA (or some other CA) and only do the authentication from Clearpass. If yes, will it still need onboarding licenses?



  • 2.  RE: EAP-TLS without onboarding licenses
    Best Answer

    Posted Oct 18, 2019 10:10 AM
    Yes, won’t need onboard licenses if ClearPass is not acting as the CA



    Thank you

    Victor Fabian

    Pardon typos sent from Mobile


  • 3.  RE: EAP-TLS without onboarding licenses

    Posted Oct 18, 2019 10:38 AM
    Can you also highlight will the process of onboarding client will remain
    the same?

    Like directing them to a webpage and configuring their 802.1x settings via
    quick connect tool?


  • 4.  RE: EAP-TLS without onboarding licenses

    Posted Oct 18, 2019 01:37 PM
    Yes you can use a dual Onboarding workflow and configure the necessary policies to provide access to Onboarding devices vs devices using ADCS issued certificates



    Thank you

    Victor Fabian

    Pardon typos sent from Mobile