Wireless Access

last person joined: yesterday 

Access network design for branch, remote, outdoor, and campus locations with HPE Aruba Networking access points and mobility controllers.
Back to discussions
Expand all | Collapse all

VIA client - use machine AND user certificate

This thread has been viewed 4 times

  • 1.  VIA client - use machine AND user certificate

    Posted Jan 25, 2020 08:21 AM
    Hi all,

    Got a VPN for remote users setup using a 7210 controller, VIA client with authentication being a user certificate with Clearpass.

    How can I enforce a machine certificate to be needed also? So VPN tunnel only forms when both certificates are valid?

    Thanks


  • 2.  RE: VIA client - use machine AND user certificate

    EMPLOYEE
    Posted Jan 25, 2020 09:41 AM
    You can only choose one certificate, not both for authentication.


  • 3.  RE: VIA client - use machine AND user certificate

    Posted Jan 25, 2020 09:47 AM
    Is there anyway to essentially form 2 tunnels - one at the computer level and then overlay with another tunnel using the user cert?

    Appreciate that sounds overkill; just looking into a request from the client.


  • 4.  RE: VIA client - use machine AND user certificate

    EMPLOYEE
    Posted Jan 25, 2020 02:38 PM

    Why, why, why? 



  • 5.  RE: VIA client - use machine AND user certificate

    Posted Jan 25, 2020 02:45 PM
    Lol - overly secure mindset.

    Basically can it be done?


  • 6.  RE: VIA client - use machine AND user certificate

    EMPLOYEE
    Posted Jan 25, 2020 03:01 PM

    I will let anyone who has done it answer.