Security

I'm having a problem with ClearPass: some people with Windows laptops, after restarting, or for example, changing their password during the day, then locking Windows and logging back in, OnGuard doesn't perform a health check, and the wireless connection remains connected but without internet.

The connection only returns to normal if they turn off Wi-Fi and turn it back on, then it goes through the posture process and connects normally.

My opinion is that perhaps ClearPass stores some cache and doesn't validate again just by restarting or unlocking the laptop.

I would like to know if anyone has seen a similar problem, and if it would be possible to force OnGuard posture every time the laptop is unlocked or restarted.

I'm on version 6.11.12 Active-Passive Cluster.

Yes, ClearPass keeps a cache of posture data, as well the agent should be configured to redo/repost status regularly, at least before the posture status expires.

It may be best to go through the configuration with your HPE Networking partner, as there is no generic issue that I'm aware of, so it must be something specific in your setup.

Why are you using MS-CHAPv2 in 2026? Also consider integrating ClearPass with your MDM instead of using OnGuard.

-------------------------------------------

Hello Ahollifield,

Could you provide me with some information or documentation so I can better understand this option? Thank you.

MDM, we use Intune

Hello Ahollifield,Could you provide me with some information or documentation so I can better understand this option? Thank you.