12-08-2016 10:37 AM
We are implementing dot1x authentication using ClearPass as the radius server. I am trying to understand how to prevent users from creating a new wireless network profile and bypassing the Radius server certificates.
Currently a user can create a new profile and not click on Validate server certificate by passing the EAP tunnel and sending their passwords not in a tunnel.
Is there something on the Aruba controller I can do to enforce this in the AAA autentication profile or in ClearPass?
Solved! Go to Solution.
12-08-2016 10:39 AM
be to use EAP-TLS if this is a concern.
| Tim Cappalli | Aruba Security | @timcappalli | timcappalli.me |