Products
Solutions
Partners
Support
Company
Try Now
Pulse Secure Community
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

OAC - 802.1X layer 2 - Connection prior to Windows login - certificate rejected

SOLVED
Go to solution
papageno_
Contributor
‎08-08-2012 06:46:AM
‎08-08-2012 06:46:AM

OAC - 802.1X layer 2 - Connection prior to Windows login - certificate rejected

Hi all

 

I am trying to set up Odyssey for 802.1x authentication to UAC, using the "Prior to Windows login" option for single sign on.  However, the Odyssey client is rejecting the UAC's certificate, even though I have installed all the certificates in the chain under the machine account, as described in 

 

http://kb.pulsesecure.net/InfoCenter/index?page=content&id=KB10484

 

Instead, the logon via the Odyssey tile finally results in

 

Odyssey Access Client was unable to connect to the network

Reason: Client issued alert 42(bad certificate)

Type: EAP-TTLS

Access point id:                              User Name:

 

If I configure the PC to use the Microsoft 802.1x driver, and use Single-sign-on using machine credentials prior to Windows login, and to care about the certificate presented, it does not complain about the offered certificate.

 

The details are:

 

Odyssey UAC Edition v 5.40.19633.0

Windows 7 Enterprise SP1

UAC (IC6500) 4.2R3 (build 19633)

 

Any ideas on what is going on and how to fix it?

 

Secondarily, is there any way to get Odyssey to log the attempt?  I can do it from the Odyssey GUI once I am already logged in, of course, but how can I get it to log the events prior to login?

 

Any help gratefully accepted.

 

 

0 Kudos
1 ACCEPTED SOLUTION

Accepted Solutions
papageno_
Contributor
‎08-08-2012 10:08:AM
‎08-08-2012 10:08:AM

Re: OAC - 802.1X layer 2 - Connection prior to Windows login - certificate rejected

Found the problem.  I had not configured the trust under Odyssey Access Client Manager ... Initial Settings ... Trusted Servers.

View solution in original post

0 Kudos
3 REPLIES 3
papageno_
Contributor
‎08-08-2012 08:49:AM
‎08-08-2012 08:49:AM

Re: OAC - 802.1X layer 2 - Connection prior to Windows login - certificate rejected

 

 

Also, if we configure Odyssey to connect after Windows logon, we get no such error.  I have checked that the certificates held in the machine account are the same ones as in the user account.  Why would the machine reject the certificate if the user process doesn't?

0 Kudos
papageno_
Contributor
‎08-08-2012 08:53:AM
‎08-08-2012 08:53:AM

Re: OAC - 802.1X layer 2 - Connection prior to Windows login - certificate rejected

...and if I disable server verification in the initial profile, all goes well.

0 Kudos
papageno_
Contributor
‎08-08-2012 10:08:AM
‎08-08-2012 10:08:AM

Re: OAC - 802.1X layer 2 - Connection prior to Windows login - certificate rejected

Found the problem.  I had not configured the trust under Odyssey Access Client Manager ... Initial Settings ... Trusted Servers.

0 Kudos
© 2017 Pulse Secure, LLC. Use of this website assumes acceptance of our Legal Notices and Privacy Policy. Pulse Secure has updated its Privacy Policy effective June 28, 2017.