Security

last person joined: yesterday 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

No Radius Authentication (Intermittent)

This thread has been viewed 0 times

  • 1.  No Radius Authentication (Intermittent)

    Posted Nov 18, 2015 09:02 AM

    1) Have anyone experience that authentication is not being trigger sometimes? Everything is work fine, Radius authentcation using EAP-TLS works but there are times where no authentication is being triggered. Sometimes it happens on machine auth sometimes it happens on user auth

     

    2) another issue is that the laptop has 2 user domain account. however user auth is only being triggered when I log into 1 of the accounts, when I log off and login using another account, user radius authentication won't be triggered no matter what. I am pretty sure 802.1x network adapter setting are enabled and both certs are present.

     

    anyone experience such issue? is there some settings which I could change in NAD or clearpass itself? Thanks



  • 2.  RE: No Radius Authentication (Intermittent)

    EMPLOYEE
    Posted Nov 18, 2015 09:05 AM
    Is the network configuration set by group policy or at the local machine level?

    Sent from Nine


  • 3.  RE: No Radius Authentication (Intermittent)

    Posted Nov 18, 2015 09:11 AM

    thanks for the quick reply.

     

    it's via GPO. but i am pretty sure the it's enabled on the other account.



  • 4.  RE: No Radius Authentication (Intermittent)

    EMPLOYEE
    Posted Nov 18, 2015 09:30 AM

    Is the GPO configured for machine and user?

    Has the user you're testing with logged in to the machine before?

    Is this wired or wireless?



  • 5.  RE: No Radius Authentication (Intermittent)

    Posted Nov 18, 2015 09:53 AM

    yes configured for both machine and user auth.. if not the other user probably can't work..

    yes logged in before.. both machine and user cert is there.. i am thinking could it be SEP that could have blocked the radius traffic for this user. could that be that case? what other possible reason?

     

    how about the case where sometimes no authentication is being trigger? need to try a couple of times or reboot the machine. this doesn't happen frequenly but still observed quite a few times.



  • 6.  RE: No Radius Authentication (Intermittent)

    EMPLOYEE
    Posted Nov 18, 2015 09:57 AM
    Authentication is triggered by the NAD. For wired, it is triggered on a port up and for wireless it's triggered after association. Be sure SEP isn't blocking EAPOL.

    https://support.symantec.com/en_US/article.TECH203497.html

    Is this wired or wireless that you're seeing the issue?
    Are the NIC drivers up to date?
    Are you seeing similar issues with Macs?


  • 7.  RE: No Radius Authentication (Intermittent)

    Posted Nov 18, 2015 09:31 PM

    noted on the SEP, this could be the reason.

     

    Is this wired or wireless that you're seeing the issue? - wired
    Are the NIC drivers up to date? - it should be up to date though not the latest
    Are you seeing similar issues with Macs?- not using macs

     

    as for the sometimes no radius authentcation issue, i can see from the switch that the client is 'authenticating' however after awhile it fails, and i don't see any log from the access tracker. as mentioned i don't see this behavior very often, i am just wondering what could cause such issue.

     

    i also have another issue where machine authentication is not being triggered upon log out. this behavior also happens sometime. only upon rebooting the machine, the machine auth is being triggered.