Security

last person joined: yesterday 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

Why cant I use Authentication:OuterMethod EQUALS EAP-TLS in a clearpass service selection

This thread has been viewed 3 times

  • 1.  Why cant I use Authentication:OuterMethod EQUALS EAP-TLS in a clearpass service selection

    Posted Sep 29, 2015 06:56 AM

    Hi,

    Trying to integrate clearpass onboarding into our eduroam auth service and want to check that the authentication method is EAP-TLS. Adding "Authentication:OuterMethod  EQUALS  EAP-TLS" doesn't work for service slection but is valid as an enforcement policy. You can certainly specify it as a selection criteria and for a successfully connected (manually generated) EAP-TLS connection, if you look at the session status it shows that th Auth:outerMethod is EAP-TLS

     

    A



  • 2.  RE: Why cant I use Authentication:OuterMethod EQUALS EAP-TLS in a clearpass service selection
    Best Answer

    EMPLOYEE
    Posted Sep 29, 2015 07:01 AM

    When the radius connection is incoming,  outer method is not available until it is negotiated.  The enforcement policy is the proper way to service an SSID with multiple encryption types.



  • 3.  RE: Why cant I use Authentication:OuterMethod EQUALS EAP-TLS in a clearpass service selection

    Posted Sep 29, 2015 07:04 AM

    o.k. thought it was something like that

    Rgds

    A