Need some help persuading dot1x to work via an AP ethernet port
Got a client performing Peap/mschapv2 auth. plug into switch port and everything "just works" authenticating to our clearpass service
Change to eap-tls same thing everything works
Connect to wifi service all work
Create new clearpass service just for dot1x via an AP 2nd ethernet port ( Different selection criteria)
Plug same device into 2nd AP eth port ( I didn't do the AP config for this)
All eap based auths fail. For windows client uncheck the validate server certificate box in the dot1x config... and the auths work
We're not terminating eap auths on the controller, they all go to the same clearpass cluster as all other services. Eap based auth same as any other service
So is there any magic that needs to be done on the controller ?
Rgds
A