Security

last person joined: yesterday 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

Posture Checking with EAP-TLS

This thread has been viewed 0 times

  • 1.  Posture Checking with EAP-TLS

    Posted Jan 29, 2013 12:19 PM

    Hello Everyone,

     

    I would like to perform posture checking on my wireless clients who are authenticating with EAP-TLS, however in windows i cannot find a way to enable the NAP agent on the EAP-TLS configured wireless network.

     

    From looking online i found that you need to enable Enable Quarantine checks but the instructions only refer to EAP-PEAP:

     

    To view PEAP properties of a network connection for wireless 802.1X-authenticated computers, right-click the wireless network connection, click Status, click Wireless Properties, click the Security tab, and under Choose a network authentication method, next to Microsoft Protected EAP (PEAP), click Settings.

     

    Is it currently possible to do health checking via clearpass and NAP agents for clients connecting via EAP-TLS?

     

    Thanks,

     

    -ELiasz



  • 2.  RE: Posture Checking with EAP-TLS
    Best Answer

    Posted Jan 29, 2013 12:37 PM

    Posted too soon.

     

    I had to enabled the EAP Quarantine Enforcement Client on the device under NAPCLCFG.MSC

     

    Also i configured the wireless profiles with EAP-PEAP outer method, and EAP-TLS as the inner method(to still allow for certificate authentication). This allows the NAP Check to be performed since it requires EAP-PEAP.

     

    Hope this helps anyone who may come across this,

     

    -ELiasz