06-05-2017 01:52 PM
I'm in the beginning stages of deploying ClearPass and am trying to use a test laptop to connect to a guest wifi network. I can connect to the network and have seen previously that the laptop failed auth, hitting the wrong policy due to restrictive conditions.
After modifying the policy and ensuring the right conditions should have been matched, I'm now not seeing any failures at all in the access tracker. I've tried rebooting the laptop, logging out of ClearPass and back in. It doesn't see or record any of the failures.
I want ClearPass to show -all- failures regardless of whether a previous failure occurred and they are still "locked out" or what have you. Is there any way to do that?
Solved! Go to Solution.
06-05-2017 02:41 PM
I do not. I made sure to clear the filter and set the access tracker to show only the last 1 day. I've failed login numerous times with this laptop since doing this and it hasn't shown anything for 3 hours or more.
06-05-2017 02:46 PM
There are some entries but they are related to sync with some of our other secondary CPPM nodes at other sites. Nothing about the failures I'm looking for.
06-05-2017 02:52 PM
Or nothing is blocking the radius traffic between clearpass and the NAD
Can you ping ClearPass from the NAD?
Get Outlook for iOS
Lead Mobility Engineer @ Integration Partners
AMFX | ACMX | ACDX | ACCX | CWAP | CWDP | CWNA
06-05-2017 02:58 PM
The radius auth for this ssid is definitely pointing to the clearpass server. It sent a log upon the first failure to the Access Tracker, but none after that. We have no internal firewalls in between the device, controller, and the CPPM server.
I can ping the CPPM server from the controller, yes.
06-05-2017 03:14 PM
It seems that when the user is still present in the user-table and they try to re-auth, it does not send any sort of failure message to CPPM. Deleting the user from the user-table fixes this.
On another topic, is there any way to have a controller auto-remove a user as soon as it disconnects from station?