Security

last person joined: 16 hours ago 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

CPPM not processing Cisco DACL

This thread has been viewed 1 times

  • 1.  CPPM not processing Cisco DACL

    Posted May 28, 2014 04:30 PM

    I'm having an issue with CPPM 6.3.1 and Cisco 3750 IOS 15.0.2(se4). The DACL gets sent by CPPM but then it fails to process the request and the DACL is not applied. This was working in 12.2 but COA was not, hence why the upgrade to 15.0.2 was performed (per Aruba SE)- now COA works but DACL doesn't. Any thoughts?

     

    2014-05-28 16_17_48-ClearPass Policy Manager - Aruba Networks.png

     

     



  • 2.  RE: CPPM not processing Cisco DACL

    EMPLOYEE
    Posted May 28, 2014 04:32 PM

    Have you opened a case with Cisco?  It appears that in each IOS code version, CoA or dACLs work so one can make a careful assumption that the CPPM config is sound.  Was there anythign Cisco changed with the code upgrade for RADIUS authentication syntax?



  • 3.  RE: CPPM not processing Cisco DACL

    Posted May 28, 2014 04:43 PM

    I have not Seth. However, I just pasted the same exact config back into the switch (copy and paste from my config doc) and now it works with no other changes. Odd but now working. 



  • 4.  RE: CPPM not processing Cisco DACL

    EMPLOYEE
    Posted May 28, 2014 04:55 PM

    Wow - that's weird...thanks for getting back to us though!



  • 5.  RE: CPPM not processing Cisco DACL

    Posted May 28, 2014 09:15 PM

    The IOS was rolled back from 15.0.3 to 15.0.2 so something must have changed but I have not found out exactly what yet.