
92 |Onboard ClearPass Guest 3.9 | Deployment Guide
Mark the “Include device information in TLS client certificates” check box to include additional fields
in the TLS client certificate issued for a device. These fields are stored in the subject alternative name
(subjectAltName) of the certificate. Refer to Table 16 on page 92 for a list of the fields that are stored in the
certificate when this option is enabled.
Storing additional device information in the client certificate allows for additional authorization checks to
be performed during device authentication.
Note: If you are using an Aruba Controller to perform EAP-TLS authentication using these client
certificates, you must have Aruba OS 6.1 or later to enable this option.
Note: OID stands for Object Identifier. The OIDs listed in Table 16 are relative to the ClearPass Guest base OID, which is 1.3.6.1.4.1.14823.1.5.1.
Specify one of the following options in the Authority Info Access drop-down list to control automatic
certificate revocation checks:
- Do not include OCSP responder URL – The Authority Info Access extension is not included in the
  client certificate. Certificate revocation checking must be configured manually on the authentication
  server. This is the default option.
- Include OCSP responder URL – The Authority Info Access extension is added to the client
  certificates, with the OCSP responder URL set to a predetermined value. This value is displayed as the
  “OCSP URL”.
- Specify an OCSP responder URL – The Authority Info Access extension is added to the client
  certificates, with the OCSP responder URL set to a value defined by the administrator. This value may be
  specified in the “OCSP URL” field.
Table 16 Device Information Stored in TLS Client Certificates

| Name | Description | OID |
|---|---|---|
| Device ICCID | Integrated Circuit Card Identifier (ICCID) number from the Subscriber Identity Module (SIM) card present in the device. This is only available for devices with GSM (cellular network) capability, where a SIM card has been installed. | mdpsDeviceIccid (.4) |
| Device IMEI | International Mobile Equipment Identity (IMEI) number allocated to this device. This is only available for devices with GSM (cellular network) capability. | mdpsDeviceImei (.3) |
| Device Serial | Serial number of the device. | mdpsDeviceSerial (.9) |
| Device Type | Type of device, such as “iOS”, “Android”, etc. | mdpsDeviceType (.1) |
| Device UDID | Unique device identifier (UDID) for this device. This is typically a 64-bit, 128-bit or 160-bit number represented in hexadecimal (16, 32, or 40 characters, respectively). | mdpsDeviceUdid (.2) |
| MAC Address | IEEE MAC address of this device. This element may be present multiple times, if a device has more than one MAC address (for example, an Ethernet port and a Wi-Fi adapter). | mdpsMacAddress (.5) |
| Product Name | Product string identifying the device and often including the hardware version information. | mdpsProductName (.6) |
| Product Version | String containing the software version number for the device. | mdpsProductVersion (.7) |
| User Name | String containing the username of the user who provisioned the device. | mdpsUserName (.8) |
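
The following Python example is added here and is not part of the ClearPass guide or product: it shows the kind of authorization check that the device fields in Table 16 make possible during device authentication. It assumes the TLS library has already decoded the subjectAltName entries into (OID, value) pairs; the function names, the sample values and the policy itself (match the client MAC address and the provisioning user name) are hypothetical.

```python
import re

BASE_OID = "1.3.6.1.4.1.14823.1.5.1"  # ClearPass Guest base OID, from the page
# Relative OID -> field name, as listed in Table 16.
NAMES = {1: "mdpsDeviceType", 2: "mdpsDeviceUdid", 3: "mdpsDeviceImei",
         4: "mdpsDeviceIccid", 5: "mdpsMacAddress", 6: "mdpsProductName",
         7: "mdpsProductVersion", 8: "mdpsUserName", 9: "mdpsDeviceSerial"}
FIELDS = {f"{BASE_OID}.{arc}": name for arc, name in NAMES.items()}

# Constructed sample: SAN entries already decoded to (OID, value) pairs.
SAMPLE_SAN = [
    (BASE_OID + ".1", "iOS"),
    (BASE_OID + ".5", "00:1A:2B:3C:4D:5E"),   # Ethernet port
    (BASE_OID + ".5", "00:1A:2B:3C:4D:5F"),   # Wi-Fi adapter
    (BASE_OID + ".8", "alice"),
    ("2.5.4.3", "outside the ClearPass arc"),  # must be ignored
]

def normalize_mac(text):
    """Reduce common MAC notations to 12 lowercase hex digits, else None."""
    digits = re.sub(r"[-:.]", "", text.strip()).lower()
    return digits if re.fullmatch(r"[0-9a-f]{12}", digits) else None

def device_fields(san_entries):
    """Group values by Table 16 name, skipping OIDs outside the base OID."""
    fields = {}
    for oid, value in san_entries:
        if oid in FIELDS:
            fields.setdefault(FIELDS[oid], []).append(value)
    return fields

def authorize(san_entries, calling_station_id, username):
    """Hypothetical policy: return (allowed, reason) for one authentication."""
    fields = device_fields(san_entries)
    # Only the MAC address may repeat; any other repeated field is ambiguous.
    for name, values in fields.items():
        if name != "mdpsMacAddress" and len(values) > 1:
            return False, f"{name} appears more than once"
    client_mac = normalize_mac(calling_station_id)
    cert_macs = {normalize_mac(m) for m in fields.get("mdpsMacAddress", [])}
    if client_mac is None or client_mac not in cert_macs:
        return False, "client MAC is not listed in the certificate"
    if fields.get("mdpsUserName") != [username]:
        return False, "certificate was provisioned for a different user"
    return True, "ok"

if __name__ == "__main__":
    print(authorize(SAMPLE_SAN, "00-1a-2b-3c-4d-5f", "alice"))
```

A MAC match of this kind only binds the certificate to the address the client presents, so it complements the revocation check configured through the Authority Info Access option rather than replacing it.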