Wireless Access

last person joined: yesterday 

Access network design for branch, remote, outdoor, and campus locations with HPE Aruba Networking access points and mobility controllers.
Back to discussions
Expand all | Collapse all

Guest Smtp authentication failure [SMTP: STARTTLS failed (code: 220)

This thread has been viewed 0 times

  • 1.  Guest Smtp authentication failure [SMTP: STARTTLS failed (code: 220)

    Posted Dec 21, 2016 02:12 PM

    Hi all

     

    my problem is smtp auth. failure in guest service.  

    under the "ClearPass Guest>Configuration>Receipts>Email receipt>Test Mail Settings"

    generates the above SMTP:STARTTLS Fail code

    (authentication failure [SMTP: STARTTLS failed (code: 220, response: 2.0.0 Ready to start TLS)] error message.)

     

    ClearPass Policy Manager>Administration>External Servers>Messaging Setup>Send Test Email

    successfully sends a message

     

    running cppm version is 6.6.0.  

     

    do you have experience with the subject? 



  • 2.  RE: Guest Smtp authentication failure [SMTP: STARTTLS failed (code: 220)

    Posted Dec 21, 2016 11:27 PM

    Hi,

     

    It is expected beahvior with 6.6.X versions if you have username and password fields mentioned in messaging setup in policy manager.

    When SMTP server supports TLS and when we have username and password fields mentioned in messaging setup, guest module will always initiate the TLS connection. 

     

    In order to complete this TLS transaction wither you could import the SSL certificate of SMTP server in trust list or you could disable TLS support on SMTP server.

     

    Regards,

    Pranav



  • 3.  RE: Guest Smtp authentication failure [SMTP: STARTTLS failed (code: 220)

    Posted Dec 22, 2016 04:36 AM

    thanks for reply pranav, 

     

    Our customers have upgraded themselves to 6.6 directly from cppm version 6.3. And it has begun to come out of possible errors from this process.

             .They get an error during  .1x authentication. The cppm access tracker also has AD pipe broken errors.

              At the same time, policy manager smtp settings are correct and test mail is being sent even though the  ,  do not send a mail to the guest service the   .  "smtp auth. Failed starttls " errors exist in Guest application logs  

     

    So I want to rebuild it.

           My question is actually to use the factory default  with the "cluster reset-database" command over cli because They use the hardware appliance then Config. and database will remove and will open the 6.6 version again. or Does it fall in the old default version?

     

    or; Again on the cli I see the 6.5 version of the  system boot-image list command. What gives me to use this command.?

     

    thanks.

    regards

    murat



  • 4.  RE: Guest Smtp authentication failure [SMTP: STARTTLS failed (code: 220)
    Best Answer

    Posted Dec 29, 2016 03:37 AM

    Problem solved with downgrade 6.5.x version

     

    thanks 

     



  • 5.  RE: Guest Smtp authentication failure [SMTP: STARTTLS failed (code: 220)

    Posted Apr 28, 2017 04:11 PM

    We also encountered this issue. We searched the ClearPass Guest User Guide and found no mention of this "expected behavior".  Found it extremely frustrating that doing a test under ClearPass Policy Manager -> Messaging Setup worked, security set to None but username/password filled in, while testing under ClearPass Guest - SMTP Services failed because of "STARTTLS failed" even though CPPM messaging securty was set to none.

     

    Please make both Policy Manager and Guest work the same, and optional include this expected behavior in your guide.

     

    Thanks!