It is Apple CNA. Enable "Prevent CNA" on clearpass onboard web login settings.
use safari browser for the onboard process on Apple devices
------------------------------
Asela Abhayapala
------------------------------
Original Message:
Sent: Feb 01, 2022 12:19 PM
From: Inzamam Shahid
Subject: ClearPass Onboard with Microsoft Azure
Hi,
CPPM Version: 6.8.5
We have an implementation which integrates ClearPass onboard with Microsoft Azure. The authentication flow is:
1. Dual SSID onboarding, user connects to SSID to onboard their device.
2. User selects onboarding button on the page
3. User get re-directed to Microsoft account log and then they successfully log in.
4. They then go through the onboarding procedure and can onboard their device.
5. Once onboarded the user then connects to the actual SSID using EAP-TLS.
We have tested the process fine on a Windows device and it is working fine. When we tested on an iPHONE, the IPHONE user gets to step 2 when they select the onboard button they just get a success page. They are not able to onboard and they cannot connect on the SSID with the cert.
Is this a CPPM version issue, as I see some onboarding fixes but nothing that mentions this specifically. I have checked the config and IOS devices are allowed to onboard. I have asked for the user to test onboard on Android, MAC OSX, iPAD and test with another iPHONE
Thanks,