Security

Hello Guys, I would like to some guidance in implementing EAP- Teap Method. 

I have seen a lot of threads concerning TEAP method but so far nothing seem helpful. I have followed this guide:

But my problem is that the before the user login the computer is authenticated correctly but after the user login the TEAP method does not fall over the second method. 

I have to disconnect and rejoin the network for fall back to method 2. 

I have tried a lot of things but nothing seems to work.

Any help would me appreciated. 

Hi

Do you have configured option "user or computer authentication" in advanced settings of 802.1x windows supplicant ?

How do you configure supplicant ? Manual or GPO ?

If you can share screenshot from configuration supplicant.

Regards

Piotr Filip 

------------------------------
Piotr Filip

ACEX#41/ACCX/ACDX/ACMX/CWNA/CWSP

Original Message:
Sent: Mar 20, 2024 02:55 PM
From: OumarCisse
Subject: ClearPass Policy Manager 6.12.1 with TEAP Method

Hello Guys, I would like to some guidance in implementing EAP- Teap Method. 

I have seen a lot of threads concerning TEAP method but so far nothing seem helpful. I have followed this guide:

But my problem is that the before the user login the computer is authenticated correctly but after the user login the TEAP method does not fall over the second method. 

I have to disconnect and rejoin the network for fall back to method 2. 

I have tried a lot of things but nothing seems to work.

Any help would me appreciated. 

Hi, 

Yes, I have the option  "user or computer authentication" in advanced settings of 802.1x windows supplicant chosen.

I am using Intune plug-in for Authentication since I can't use Azure AD. 

I can also share my config from the set-up I did in the clearnpass. I have followed the documentation that I have found online.

Hi

Do you have configured option "user or computer authentication" in advanced settings of 802.1x windows supplicant ?

How do you configure supplicant ? Manual or GPO ?

If you can share screenshot from configuration supplicant.

Regards

Piotr Filip 

------------------------------
Piotr Filip

ACEX#41/ACCX/ACDX/ACMX/CWNA/CWSP

Original Message:
Sent: Mar 20, 2024 02:55 PM
From: OumarCisse
Subject: ClearPass Policy Manager 6.12.1 with TEAP Method

Hello Guys, I would like to some guidance in implementing EAP- Teap Method. 

I have seen a lot of threads concerning TEAP method but so far nothing seem helpful. I have followed this guide:

But my problem is that the before the user login the computer is authenticated correctly but after the user login the TEAP method does not fall over the second method. 

I have to disconnect and rejoin the network for fall back to method 2. 

I have tried a lot of things but nothing seems to work.

Any help would me appreciated. 

Forgot to mention. At the login screen, when you join the network, the machine auth works perfectly. But as soon as the user login you have to disconnect and reconnect the wifi for the user Auth to appear. 

It works fine the opposite way when the user sign-out, the machine takes place which is the expected behavior. I am just trying to get around from disconnecting and reconnecting to the wifi every time as we have machine that we loaned to users.

Hi, 

Yes, I have the option  "user or computer authentication" in advanced settings of 802.1x windows supplicant chosen.

I am using Intune plug-in for Authentication since I can't use Azure AD. 

I can also share my config from the set-up I did in the clearnpass. I have followed the documentation that I have found online.

Hi

Do you have configured option "user or computer authentication" in advanced settings of 802.1x windows supplicant ?

How do you configure supplicant ? Manual or GPO ?

If you can share screenshot from configuration supplicant.

Regards

Piotr Filip 

------------------------------
Piotr Filip

ACEX#41/ACCX/ACDX/ACMX/CWNA/CWSP

Original Message:
Sent: Mar 20, 2024 02:55 PM
From: OumarCisse
Subject: ClearPass Policy Manager 6.12.1 with TEAP Method

Hello Guys, I would like to some guidance in implementing EAP- Teap Method. 

I have seen a lot of threads concerning TEAP method but so far nothing seem helpful. I have followed this guide:

But my problem is that the before the user login the computer is authenticated correctly but after the user login the TEAP method does not fall over the second method. 

I have to disconnect and rejoin the network for fall back to method 2. 

I have tried a lot of things but nothing seems to work.

Any help would me appreciated. 

What method do you use for computer and user ? 

Do you have managed computer by Azure AD ? It change GINA login to SAML.

Regards

Piotr Filip 

Forgot to mention. At the login screen, when you join the network, the machine auth works perfectly. But as soon as the user login you have to disconnect and reconnect the wifi for the user Auth to appear. 

It works fine the opposite way when the user sign-out, the machine takes place which is the expected behavior. I am just trying to get around from disconnecting and reconnecting to the wifi every time as we have machine that we loaned to users.

Hi, 

Yes, I have the option  "user or computer authentication" in advanced settings of 802.1x windows supplicant chosen.

I am using Intune plug-in for Authentication since I can't use Azure AD. 

I can also share my config from the set-up I did in the clearnpass. I have followed the documentation that I have found online.

Hi

Do you have configured option "user or computer authentication" in advanced settings of 802.1x windows supplicant ?

How do you configure supplicant ? Manual or GPO ?

If you can share screenshot from configuration supplicant.

Regards

Piotr Filip 

------------------------------
Piotr Filip

ACEX#41/ACCX/ACDX/ACMX/CWNA/CWSP

Original Message:
Sent: Mar 20, 2024 02:55 PM
From: OumarCisse
Subject: ClearPass Policy Manager 6.12.1 with TEAP Method

Hello Guys, I would like to some guidance in implementing EAP- Teap Method. 

I have seen a lot of threads concerning TEAP method but so far nothing seem helpful. I have followed this guide:

But my problem is that the before the user login the computer is authenticated correctly but after the user login the TEAP method does not fall over the second method. 

I have to disconnect and rejoin the network for fall back to method 2. 

I have tried a lot of things but nothing seems to work.

Any help would me appreciated. 

Yes, we manage all of our windows computers in Azure.

I am not sure what you meant by which method do I use form computer and user? Do you mind explaining further.

Oumar 

What method do you use for computer and user ? 

Do you have managed computer by Azure AD ? It change GINA login to SAML.

Regards

Piotr Filip 

Forgot to mention. At the login screen, when you join the network, the machine auth works perfectly. But as soon as the user login you have to disconnect and reconnect the wifi for the user Auth to appear. 

It works fine the opposite way when the user sign-out, the machine takes place which is the expected behavior. I am just trying to get around from disconnecting and reconnecting to the wifi every time as we have machine that we loaned to users.

Hi, 

Yes, I have the option  "user or computer authentication" in advanced settings of 802.1x windows supplicant chosen.

I am using Intune plug-in for Authentication since I can't use Azure AD. 

I can also share my config from the set-up I did in the clearnpass. I have followed the documentation that I have found online.

Hi

Do you have configured option "user or computer authentication" in advanced settings of 802.1x windows supplicant ?

How do you configure supplicant ? Manual or GPO ?

If you can share screenshot from configuration supplicant.

Regards

Piotr Filip 

------------------------------
Piotr Filip

ACEX#41/ACCX/ACDX/ACMX/CWNA/CWSP

Original Message:
Sent: Mar 20, 2024 02:55 PM
From: OumarCisse
Subject: ClearPass Policy Manager 6.12.1 with TEAP Method

Hello Guys, I would like to some guidance in implementing EAP- Teap Method. 

I have seen a lot of threads concerning TEAP method but so far nothing seem helpful. I have followed this guide:

But my problem is that the before the user login the computer is authenticated correctly but after the user login the TEAP method does not fall over the second method. 

I have to disconnect and rejoin the network for fall back to method 2. 

I have tried a lot of things but nothing seems to work.

Any help would me appreciated. 

In supplicant you have button settings on right from configuration TEAP. Can you do screenshot from this ?

Regards

Yes, we manage all of our windows computers in Azure.

I am not sure what you meant by which method do I use form computer and user? Do you mind explaining further.

Oumar 

What method do you use for computer and user ? 

Do you have managed computer by Azure AD ? It change GINA login to SAML.

Regards

Piotr Filip 

Forgot to mention. At the login screen, when you join the network, the machine auth works perfectly. But as soon as the user login you have to disconnect and reconnect the wifi for the user Auth to appear. 

It works fine the opposite way when the user sign-out, the machine takes place which is the expected behavior. I am just trying to get around from disconnecting and reconnecting to the wifi every time as we have machine that we loaned to users.

Hi, 

Yes, I have the option  "user or computer authentication" in advanced settings of 802.1x windows supplicant chosen.

I am using Intune plug-in for Authentication since I can't use Azure AD. 

I can also share my config from the set-up I did in the clearnpass. I have followed the documentation that I have found online.

Hi

Do you have configured option "user or computer authentication" in advanced settings of 802.1x windows supplicant ?

How do you configure supplicant ? Manual or GPO ?

If you can share screenshot from configuration supplicant.

Regards

Piotr Filip 

------------------------------
Piotr Filip

ACEX#41/ACCX/ACDX/ACMX/CWNA/CWSP

Original Message:
Sent: Mar 20, 2024 02:55 PM
From: OumarCisse
Subject: ClearPass Policy Manager 6.12.1 with TEAP Method

Hello Guys, I would like to some guidance in implementing EAP- Teap Method. 

I have seen a lot of threads concerning TEAP method but so far nothing seem helpful. I have followed this guide:

But my problem is that the before the user login the computer is authenticated correctly but after the user login the TEAP method does not fall over the second method. 

I have to disconnect and rejoin the network for fall back to method 2. 

I have tried a lot of things but nothing seems to work.

Any help would me appreciated. 

Yes, here it is.

In supplicant you have button settings on right from configuration TEAP. Can you do screenshot from this ?

Regards

Yes, we manage all of our windows computers in Azure.

I am not sure what you meant by which method do I use form computer and user? Do you mind explaining further.

Oumar 

What method do you use for computer and user ? 

Do you have managed computer by Azure AD ? It change GINA login to SAML.

Regards

Piotr Filip 

Forgot to mention. At the login screen, when you join the network, the machine auth works perfectly. But as soon as the user login you have to disconnect and reconnect the wifi for the user Auth to appear. 

It works fine the opposite way when the user sign-out, the machine takes place which is the expected behavior. I am just trying to get around from disconnecting and reconnecting to the wifi every time as we have machine that we loaned to users.

Hi, 

Yes, I have the option  "user or computer authentication" in advanced settings of 802.1x windows supplicant chosen.

I am using Intune plug-in for Authentication since I can't use Azure AD. 

I can also share my config from the set-up I did in the clearnpass. I have followed the documentation that I have found online.

Hi

Do you have configured option "user or computer authentication" in advanced settings of 802.1x windows supplicant ?

How do you configure supplicant ? Manual or GPO ?

If you can share screenshot from configuration supplicant.

Regards

Piotr Filip 

------------------------------
Piotr Filip

ACEX#41/ACCX/ACDX/ACMX/CWNA/CWSP

Original Message:
Sent: Mar 20, 2024 02:55 PM
From: OumarCisse
Subject: ClearPass Policy Manager 6.12.1 with TEAP Method

Hello Guys, I would like to some guidance in implementing EAP- Teap Method. 

I have seen a lot of threads concerning TEAP method but so far nothing seem helpful. I have followed this guide:

But my problem is that the before the user login the computer is authenticated correctly but after the user login the TEAP method does not fall over the second method. 

I have to disconnect and rejoin the network for fall back to method 2. 

I have tried a lot of things but nothing seems to work.

Any help would me appreciated. 

Everything looks good.

I see that you use the certificate for both authentication. Do you have many certificate for user ? When you manually reconnect, do you have a choice of certificate ?

If yes, you need to configure EAP-TLS which is inside TEAP.

Regards

Piotr Filip 

Yes, here it is.

In supplicant you have button settings on right from configuration TEAP. Can you do screenshot from this ?

Regards

Yes, we manage all of our windows computers in Azure.

I am not sure what you meant by which method do I use form computer and user? Do you mind explaining further.

Oumar 

What method do you use for computer and user ? 

Do you have managed computer by Azure AD ? It change GINA login to SAML.

Regards

Piotr Filip 

Forgot to mention. At the login screen, when you join the network, the machine auth works perfectly. But as soon as the user login you have to disconnect and reconnect the wifi for the user Auth to appear. 

It works fine the opposite way when the user sign-out, the machine takes place which is the expected behavior. I am just trying to get around from disconnecting and reconnecting to the wifi every time as we have machine that we loaned to users.

Hi, 

Yes, I have the option  "user or computer authentication" in advanced settings of 802.1x windows supplicant chosen.

I am using Intune plug-in for Authentication since I can't use Azure AD. 

I can also share my config from the set-up I did in the clearnpass. I have followed the documentation that I have found online.

Hi

Do you have configured option "user or computer authentication" in advanced settings of 802.1x windows supplicant ?

How do you configure supplicant ? Manual or GPO ?

If you can share screenshot from configuration supplicant.

Regards

Piotr Filip 

------------------------------
Piotr Filip

ACEX#41/ACCX/ACDX/ACMX/CWNA/CWSP

Original Message:
Sent: Mar 20, 2024 02:55 PM
From: OumarCisse
Subject: ClearPass Policy Manager 6.12.1 with TEAP Method

Hello Guys, I would like to some guidance in implementing EAP- Teap Method. 

I have seen a lot of threads concerning TEAP method but so far nothing seem helpful. I have followed this guide:

But my problem is that the before the user login the computer is authenticated correctly but after the user login the TEAP method does not fall over the second method. 

I have to disconnect and rejoin the network for fall back to method 2. 

I have tried a lot of things but nothing seems to work.

Any help would me appreciated. 

I am only using one cert of the user and one cert for the machine.

When I disconnect and reconnect, it works as expected. I don't have to choose between cert.

Everything looks good.

I see that you use the certificate for both authentication. Do you have many certificate for user ? When you manually reconnect, do you have a choice of certificate ?

If yes, you need to configure EAP-TLS which is inside TEAP.

Regards

Piotr Filip 

Yes, here it is.

In supplicant you have button settings on right from configuration TEAP. Can you do screenshot from this ?

Regards

Yes, we manage all of our windows computers in Azure.

I am not sure what you meant by which method do I use form computer and user? Do you mind explaining further.

Oumar 

What method do you use for computer and user ? 

Do you have managed computer by Azure AD ? It change GINA login to SAML.

Regards

Piotr Filip 

Forgot to mention. At the login screen, when you join the network, the machine auth works perfectly. But as soon as the user login you have to disconnect and reconnect the wifi for the user Auth to appear. 

It works fine the opposite way when the user sign-out, the machine takes place which is the expected behavior. I am just trying to get around from disconnecting and reconnecting to the wifi every time as we have machine that we loaned to users.

Hi, 

Yes, I have the option  "user or computer authentication" in advanced settings of 802.1x windows supplicant chosen.

I am using Intune plug-in for Authentication since I can't use Azure AD. 

I can also share my config from the set-up I did in the clearnpass. I have followed the documentation that I have found online.

Hi

Do you have configured option "user or computer authentication" in advanced settings of 802.1x windows supplicant ?

How do you configure supplicant ? Manual or GPO ?

If you can share screenshot from configuration supplicant.

Regards

Piotr Filip 

------------------------------
Piotr Filip

ACEX#41/ACCX/ACDX/ACMX/CWNA/CWSP

Original Message:
Sent: Mar 20, 2024 02:55 PM
From: OumarCisse
Subject: ClearPass Policy Manager 6.12.1 with TEAP Method

Hello Guys, I would like to some guidance in implementing EAP- Teap Method. 

I have seen a lot of threads concerning TEAP method but so far nothing seem helpful. I have followed this guide:

But my problem is that the before the user login the computer is authenticated correctly but after the user login the TEAP method does not fall over the second method. 

I have to disconnect and rejoin the network for fall back to method 2. 

I have tried a lot of things but nothing seems to work.

Any help would me appreciated. 

Everything looks fine and it's strange that there is a problem.

Can you send the log from Access Tracker? You should have 3 logs:
1. Computer authentication
2. Computer authentication and user authentication error
3. Correct authentication of the computer and the device after manual connection.

Take screenshots and export logs for these 3 cases.

Regards

I am only using one cert of the user and one cert for the machine.

When I disconnect and reconnect, it works as expected. I don't have to choose between cert.

Everything looks good.

I see that you use the certificate for both authentication. Do you have many certificate for user ? When you manually reconnect, do you have a choice of certificate ?

If yes, you need to configure EAP-TLS which is inside TEAP.

Regards

Piotr Filip 

Yes, here it is.

In supplicant you have button settings on right from configuration TEAP. Can you do screenshot from this ?

Regards

Yes, we manage all of our windows computers in Azure.

I am not sure what you meant by which method do I use form computer and user? Do you mind explaining further.

Oumar 

What method do you use for computer and user ? 

Do you have managed computer by Azure AD ? It change GINA login to SAML.

Regards

Piotr Filip 

Forgot to mention. At the login screen, when you join the network, the machine auth works perfectly. But as soon as the user login you have to disconnect and reconnect the wifi for the user Auth to appear. 

It works fine the opposite way when the user sign-out, the machine takes place which is the expected behavior. I am just trying to get around from disconnecting and reconnecting to the wifi every time as we have machine that we loaned to users.

Hi, 

Yes, I have the option  "user or computer authentication" in advanced settings of 802.1x windows supplicant chosen.

I am using Intune plug-in for Authentication since I can't use Azure AD. 

I can also share my config from the set-up I did in the clearnpass. I have followed the documentation that I have found online.

Hi

Do you have configured option "user or computer authentication" in advanced settings of 802.1x windows supplicant ?

How do you configure supplicant ? Manual or GPO ?

If you can share screenshot from configuration supplicant.

Regards

Piotr Filip 

------------------------------
Piotr Filip

ACEX#41/ACCX/ACDX/ACMX/CWNA/CWSP

Original Message:
Sent: Mar 20, 2024 02:55 PM
From: OumarCisse
Subject: ClearPass Policy Manager 6.12.1 with TEAP Method

Hello Guys, I would like to some guidance in implementing EAP- Teap Method. 

I have seen a lot of threads concerning TEAP method but so far nothing seem helpful. I have followed this guide:

But my problem is that the before the user login the computer is authenticated correctly but after the user login the TEAP method does not fall over the second method. 

I have to disconnect and rejoin the network for fall back to method 2. 

I have tried a lot of things but nothing seems to work.

Any help would me appreciated. 

Hi, 

Yes, I have the option  "user or computer authentication" in advanced settings of 802.1x windows supplicant chosen.

I am using Intune plug-in for Authentication since I can't use Azure AD. 

I can also share my config from the set-up I did in the clearnpass. I have followed the documentation that I have found online.

Hi

Do you have configured option "user or computer authentication" in advanced settings of 802.1x windows supplicant ?

How do you configure supplicant ? Manual or GPO ?

If you can share screenshot from configuration supplicant.

Regards

Piotr Filip 

------------------------------
Piotr Filip

ACEX#41/ACCX/ACDX/ACMX/CWNA/CWSP

Original Message:
Sent: Mar 20, 2024 02:55 PM
From: OumarCisse
Subject: ClearPass Policy Manager 6.12.1 with TEAP Method

Hello Guys, I would like to some guidance in implementing EAP- Teap Method. 

I have seen a lot of threads concerning TEAP method but so far nothing seem helpful. I have followed this guide:

But my problem is that the before the user login the computer is authenticated correctly but after the user login the TEAP method does not fall over the second method. 

I have to disconnect and rejoin the network for fall back to method 2. 

I have tried a lot of things but nothing seems to work.

Any help would me appreciated. 

Hi.  We are looking to upgrade from PEAP to TEAP for our wireless as well and as you mentioned Entra ID is not supported.  I wonder if you can share your service/rule setup such as Authentication, Authorization, Roles, and Enforcement.  Thanks.

Hi, 

Yes, I have the option  "user or computer authentication" in advanced settings of 802.1x windows supplicant chosen.

I am using Intune plug-in for Authentication since I can't use Azure AD. 

I can also share my config from the set-up I did in the clearnpass. I have followed the documentation that I have found online.

Hi

Do you have configured option "user or computer authentication" in advanced settings of 802.1x windows supplicant ?

How do you configure supplicant ? Manual or GPO ?

If you can share screenshot from configuration supplicant.

Regards

Piotr Filip 

------------------------------
Piotr Filip

ACEX#41/ACCX/ACDX/ACMX/CWNA/CWSP

Original Message:
Sent: Mar 20, 2024 02:55 PM
From: OumarCisse
Subject: ClearPass Policy Manager 6.12.1 with TEAP Method

Hello Guys, I would like to some guidance in implementing EAP- Teap Method. 

I have seen a lot of threads concerning TEAP method but so far nothing seem helpful. I have followed this guide:

But my problem is that the before the user login the computer is authenticated correctly but after the user login the TEAP method does not fall over the second method. 

I have to disconnect and rejoin the network for fall back to method 2. 

I have tried a lot of things but nothing seems to work.

Any help would me appreciated.