This likely is a settings or certificate issue. Would be best to open a support case to get analyzed what is causing this internal error as even that can mean multiple things.
------------------------------
Herman Robers
------------------------
If you have urgent issues, always contact your Aruba partner, distributor, or Aruba TAC Support. Check
https://www.arubanetworks.com/support-services/contact-support/ for how to contact Aruba TAC. Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.
In case your problem is solved, please invest the time to post a follow-up with the information on how you solved it. Others can benefit from that.
------------------------------
Original Message:
Sent: Apr 08, 2022 02:55 PM
From: Daniel Grandja
Subject: Android 11/12 error 215 on clearpass
Ok after further testing, i've worked out the CA needs to be the actual Root CA not the CA that signed the server certificate (in this case our intermediate CA)
However now when adding the Root CA to the Wireless profile, still seeing a 215 Error but instead of it being a ca error, its now a a "tlsv1 alert internal error"
So not sure what that means
------------------------------
Daniel Grandja
Original Message:
Sent: Apr 07, 2022 12:09 PM
From: Daniel Grandja
Subject: Android 11/12 error 215 on clearpass
Sure is with Android 11/12 devices only.
Our other users have been using the dont validate cert but as this is going away, we are providing instructions on how to download our root/intermediate cert so that users can apply this to their wireless profile when they create it, however in testing, this doesnt seem to actually work and we still see a TLS error in ClearPass, not sure why though...
------------------------------
Daniel Grandja
Original Message:
Sent: Apr 07, 2022 11:46 AM
From: Bruno Costa
Subject: Android 11/12 error 215 on clearpass
Hi Daniel
Your issues are also with android 11/12 devices?
Still getting this error also
Regards
------------------------------
Bruno Costa
Original Message:
Sent: Apr 07, 2022 03:33 AM
From: Daniel Grandja
Subject: Android 11/12 error 215 on clearpass
Im having the same issue... and struggling to work out how to solve this. Our RADIUS certificate is signed by our internal intermediate CA
We have tried the to add both the root CA and the intermediate CA to the wifi connection on the android device and either way the device fails to authenticate the user with the same TLS CA error using EAP-PEAP with MSCHAPv2
Should it be the Intermediate or Root applied to the Android Wifi config ? and any ideas why it wouldn't be accepting them ?
------------------------------
Daniel Grandja
Original Message:
Sent: Mar 29, 2022 12:37 PM
From: marcel koedijk
Subject: Android 11/12 error 215 on clearpass
The RADIUS certificate in Aruba ClearPass is signed by a intermediate or root CA. Is the root CA certificate correctly installed in the trust store on the Android client device?
------------------------------
Marcel Koedijk | MVP Expert 2022 | ACEP | ACMP | ACCP | ACDP | Ekahau ECSE | Not an HPE Employee | Opinions are my own
Original Message:
Sent: Mar 29, 2022 11:15 AM
From: Bruno Costa
Subject: Android 11/12 error 215 on clearpass
Its an internal CA from the client and its presented on the CPPM trust list
Regards
------------------------------
Bruno Costa
Original Message:
Sent: Mar 29, 2022 08:23 AM
From: Craig Syme
Subject: Android 11/12 error 215 on clearpass
Looks like it is an unknown CA. What is the CA the client is presenting to CPPM, does CPPM trust it?
------------------------------
Craig Syme
Original Message:
Sent: Mar 29, 2022 06:58 AM
From: Bruno Costa
Subject: Android 11/12 error 215 on clearpass
Hi
Could you please advise on this
we are getting errors on Clearpass 6.9, with devices android 11 connecting and given this error
Thanks for the help
Regards
------------------------------
Bruno Costa
------------------------------