Cloud Managed Networks

Hello all,

I'm creating a test environment with Central NAC and Aruba Onboarding.

I'm stuck on an issue with a client attempting to connect to my test SSID.  It's downloaded the network profile through HPE Onboarding app, but when it tries to connect to the SSID it rejects the authentication certificate.

I followed the instructions shown here for the authentication profile: Authentication and Authorization

Hpe		remove preview
Authentication and Authorization Overview of authentication and authorization policies in Central NAC View this on Hpe >

My problem is that in the instructions for the Authentication Profile, it shows EAP as an Authentication Type option.  Then at the bottom you get options for selecting the Default Certificate or using a Custom one.

In my environment, I don't have just EAP as an option.  I only have EAP-TLS.  This doesn't provide options on the bottom to select a certificate.  So where do I set a certificate now to provide to the client?  

Thanks!

EAP has been renamed to EAP-TLS in the Authentication Profile. So that is correct.

Did you check if any request is reaching Central NAC? Please go to Central NAC > Clients. 

If you don't see the Wireless 802.1x request on that page there is probably an issue between the AP and Central NAC. Make sure TCP port 2083 (RadSec) is allowed from the AP to Central NAC.

Please also check the client in Central monitoring. Probably listed under the failed clients. Simply search for the MAC address in the Search Bar. This can help to root cause the issue. 

------------------------------
Willem Bargeman
Systems Engineer Aruba
ACEX #125
------------------------------