Security

last person joined: 20 hours ago 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

Machine and User Authentication

This thread has been viewed 1 times

  • 1.  Machine and User Authentication

    Posted Feb 29, 2012 05:47 PM

    We verify that a computer has both a user cert and machine cert from our PKI before allowing it on the wireless. the problem we seem to have is that when a laptop goes into sleep mode it loses machine auth. you have to reboot or logout and log back in to reconnect. The clients are Windows 7. Anyone seen anything like this?



  • 2.  RE: Machine and User Authentication

    EMPLOYEE
    Posted Feb 29, 2012 06:19 PM

    Your machine only "machine authenticates" if it is at the ctrl-alt-delete screen.  There is a timer in in the 802.1x profile under advanced that says how long the controller remembers that a machine has "machine authenticated" after being at the ctrl-alt-delete screen.  It is the "Machine Authentication Cache Timeout" parameter and by default it is only 24 hours, so your machine would have to be at the ctrl-alt-delete screen every 24 hours for the controller to know that it has machine authenticated.

     

    You can find this timer by going to configuration> security> authentication> l2 authentication> 802.1x profile.  Find the profile that corresponds to your WLAN and under advanced, the "Machine Authentication Cache Timeout" parameter should be there.  Extend it as long as you need, so that your users do not have to be log off then log on again.




  • 3.  RE: Machine and User Authentication

    Posted Jul 08, 2012 07:05 PM
    Is there a machine auth default timeout for Instant? If so, is there way to change it?