Original Message:
Sent: Jul 25, 2025 10:45 AM
From: Owais101
Subject: Clearpass Authentication with Entra ID
Thanks alot William,
By any chance do you have any good resource/tutorial that walks through the process of integration (although not required in this setup). I tried multiple times but couldnt get azure account for trial, so cannot check in lab
Original Message:
Sent: 7/25/2025 10:38:00 AM
From: willembargeman
Subject: RE: Clearpass Authentication with Entra ID
Integration with EntraID is just for authorization reasons, not for authentication purposes.
When you have added the root and intermediate CA of the clients to ClearPass (and trust them for EAP) you are good to go. Make sure to disable Authorization within the EAP method.
Without authorizatoin this setup will allow each client with a signed certificate by the root CA to authenticate. It's also advisable to configure CRL / OCSP checking for the certificates. Next to that, the EntraID integration will help to validate the computer/users existence in EntraID.
------------------------------
Willem Bargeman
Systems Engineer Aruba
ACEX #125
Original Message:
Sent: Jul 25, 2025 10:21 AM
From: Owais101
Subject: Clearpass Authentication with Entra ID
Dear Experts,
I am new to Entra ID (Azure AD). Customer has given us the root CA and we have given them the CSR for Clearpass. They have client certificate installed on their laptop devices. Now they just want to authenticate the user based on their certs and give them internet access. Rest of the security is managed through Fortigate etc.
In this case do i need to integrate CPPM with Entra ID? or it will be able to do the authentication just fine?
------------------------------
Owais101
------------------------------