Jumpcloud RADIUS Auth failure

Reply
Highlighted
L2 Linker

Jumpcloud RADIUS Auth failure

Hi,

 

I have configured a RADIUS profile to use a "Directory as a service" provider (JumpCloud) for authentication, I have tested this with LDAP and everything seems to work as intended but when I configure the Radius profiles and test authentication via the cli I get the following response

Failed EAPOL auth (-1).
Response for user: "bob" from RADIUS server: "self signed certificate in certificate chain; unknown CA"

I have been through and installed the certificate chains for JumpCloud as well as the certificate they provide so I am not sure I understand exaclty what this certificate error is refering to.

 

Any help will be appreciated.

 

/M

Tags (2)

Accepted Solutions
L2 Linker

Looks like I have managed to solve this issue, appears I had the wrond certificate chains loaded.

View solution in original post


All Replies
L2 Linker

Looks like I have managed to solve this issue, appears I had the wrond certificate chains loaded.

View solution in original post

Highlighted
L0 Member

Hi @Marc_T,

 

Please can you share more light on how you resolved this issue?

 

I'm having the same issue as well. However, this time, it is Palo Alto RADIUS authentication via Aruba ClearPass, using EAP-MSCHAPv2 as Authentication protocol. My experience in SSL certificates is not so fantastic. 

 

Actually, an SSL certificate was installed on the RADIUS server (ClearPass) which I exported and imported into the Palo Alto firewall.

 

Patiently waiting for your feedback. 

 

 

Highlighted
L1 Bithead

Hi @Marc_T ,

 

I'm having this exact same issue with JumpCloud RADIUS auth; any chance you could let us know what resolved the issue for you? I'v tried every possible version of certificates/certificate chains that I can think of, but still no luck. Would really like to know how you resolved this.

 

Thanks!

Highlighted
L2 Linker

Hi @nolansuess ,

 

Its been a while since I used this so I hope all the information I have still configured in my firewall is still valid.

There are the certificates I had to install and then create a certificate profile from:

Marc_T_0-1582486976365.png

You should be able to download any updated certs from here: https://support.jumpcloud.com/support/s/article/jumpcloud-radius-certificate-for-eap-ttls-client-dep...

 

Once I had all that configured I created the Radius profile as per usual

Marc_T_1-1582487071013.png

Let me know if this helps

 

/M

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!

The Live Community thanks you for your participation!