ClearPass: Using GMail for SMTP

Using Google Gmail as your ClearPass Messaging SMTP Server

• Navigate to https://Clearpass_IP/
• Click on the "ClearPass Policy Manager"
• Login using user/password = admin/eTIPS123  (use your own user/pw of course)
• Click the Administration Tab on the left window pane
• Within the Administration tab, expand "+ External Servers", then click "Messaging Setup"
• Server name =  "smtp.gmail.com"
• User Name & Password = your valid Gmail account settings
• Connection Security = "StartTLS"

• Next, install most of the root certs you can download from this link https://pki.goog/ otherwise you will see errors like this in your event log
• Send Error: Could not convert socket to TLS

• Click the Administration Tab on the left window pane
• Within Administration tab, expand "+ Certificates", then click "Trust List"
• Top right of your screen, click "+ Add" and load the "Root CAs" DER files you previously were instructed to download; these will be enabled automatically as you install them

• You will have to lower your GMail security model or you will get the following error in your event log
  • Send Error: 534-5.7.14 <https://accounts.google.com/signin/continue?sarp=1&scc=1&plt=X lots of junk X> Please log in via 534-5.7.14 your web browser and then try again. 534-5.7.14 Learn more at 534 5.7.14 https://support.google.com/mail/answer/78754 84-v6sm40676653pfj.33 - gsmtp
  • you can read more about this error at this link
• you will need to follow option 2: change your settings to allow less secure apps
• the link at this time to set that up is https://myaccount.google.com/lesssecureapps
• You should now be able to send mail messages from Clearpass via smtp.gmail.com

• see the following link from google's support site with supporting reference information https://support.google.com/a/answer/176600?hl=en