Security

 View Only
last person joined: 18 hours ago 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

Clearpass and Catalyst 2960X - EAP-TLS timeout

This thread has been viewed 5 times

  • 1.  Clearpass and Catalyst 2960X - EAP-TLS timeout

    Posted 30 days ago

    Hello Airheads,

    We are testing in our lab the integration of Clearpass and Cisco Catalyst 2960X for wired 802.1X authentication of Win11 Laptops.

    Everything works fine with EAP-PEAP, but when we switch the supplicant to EAP-TLS, we have RADIUS timeout logs in the access tracker. If we connect the same endpoint on an Aruba 2530 configured for 802.1X, EAP-TLS works fine.

    Clearpass version is 6.11.5 , Catalyst 2960X IOS version is the latest available, Endpoint device is Windows 11 Laptop with the latest patch.

    I just wanted to ask if anybody here succeeded in configuring the same environment with EAP-TLS with Cisco Catalyst 2960X and Clearpass, or if you have any suggestion to let it work.

    Thank you

    Kindly

    Alessandro



  • 2.  RE: Clearpass and Catalyst 2960X - EAP-TLS timeout

    EMPLOYEE
    Posted 29 days ago

    not per say, but a packet capture could be able to narrow it.
    fragmentation issue?



    ------------------------------
    If my post was useful accept solution and/or give kudos.
    Any opinions expressed here are solely my own and not necessarily that of HPE or Aruba.
    ------------------------------

    Original Message


  • 3.  RE: Clearpass and Catalyst 2960X - EAP-TLS timeout

    Posted 28 days ago

    Hello and thank you,

    I don't think fragmentation could be a problem since we have the same MTU size on both Catalyst and HPE switches.

    Anyway I will take a PCAP from the port to investigate deeper.

    Kind regards

    Alessandro


    Original Message