MVP
Posts: 395
Registered: ‎05-09-2013

ClearPass Communication Issue w/ Controller

Hi community,

I'm trying to work on an existing CPPM and Controller setup, but am having some authentication issues. I'm not seeing any requests in Access Tracker or in the Event Viewer logs for the controller sending a MAC Auth request for a client. It appears as if the traffic isn't reaching ClearPass. I did a packet capture on CPPM to verify, and did get the request:

2017-05-26-Image-002.png

I see the initial request, and when I dive into the RADIUS portion, it has the MAC address as username. I then see an ICMP attempt, which fails. Then a retry from the controller and so on.

If I manually run a ping from CPPM (same interface) to the same controller, it is successful.

2017-05-26-Image-003.png

What's the difference between the ICMP traffic during the RADIUS request and the ICMP traffic when doing a regular ping command? Why would one work and the other doesn't?


Thank you.

Michael Haring | AIS Consultant
Architecture and Implementation Solutions
Optiv Security Inc. | www.optiv.com
MVP
Posts: 395
Registered: ‎05-09-2013

Re: ClearPass Communication Issue w/ Controller

Also, logs on the controller show RADIUS server timeout, no response from server for the MAC auth.

Controller is .240 and ClearPass is .127


Thank you.

Michael Haring | AIS Consultant
Architecture and Implementation Solutions
Optiv Security Inc. | www.optiv.com
MVP
Posts: 4,307
Registered: ‎07-20-2011

Re: ClearPass Communication Issue w/ Controller

Are you using the Management and Data Port?
Thank you

Victor Fabian
Lead Mobility Engineer @ Integration Partners
AMFX | ACMX | ACDX | ACCX | CWAP | CWDP | CWNA
MVP
Posts: 395
Registered: ‎05-09-2013

Re: ClearPass Communication Issue w/ Controller

We have both configured, but it's all going through management.


Thank you.

Michael Haring | AIS Consultant
Architecture and Implementation Solutions
Optiv Security Inc. | www.optiv.com
MVP
Posts: 4,307
Registered: ‎07-20-2011

Re: ClearPass Communication Issue w/ Controller

Is the data port trusted or DMZ?
Thank you

Victor Fabian
Lead Mobility Engineer @ Integration Partners
AMFX | ACMX | ACDX | ACCX | CWAP | CWDP | CWNA
MVP
Posts: 395
Registered: ‎05-09-2013

Re: ClearPass Communication Issue w/ Controller

We identified the problem - The RADIUS Server service in ClearPass had been stopped, for an unknown reason. This CPPM server is in a demo environment and had not been used for months. Not sure when it stopped, but that was the cause. We started it and got authentication requests immediately.

Thanks for the help.


Thank you.

Michael Haring | AIS Consultant
Architecture and Implementation Solutions
Optiv Security Inc. | www.optiv.com
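
Added example (not part of any post in this thread): a host that receives a UDP datagram on a port with no listener answers with ICMP Destination Unreachable / Port Unreachable, which is a different message from the echo request and reply used by ping. The Python below classifies both kinds from raw packet bytes and pulls the UDP port out of the quoted datagram. It assumes the ICMP packet in the capture was of this kind, and the sample packets and full IP addresses are constructed, since the capture itself is only an image in the thread.

```python
import struct

ECHO_REPLY, DEST_UNREACH, ECHO_REQUEST = 0, 3, 8   # ICMP types
PORT_UNREACH = 3                                    # code under type 3
RADIUS_PORTS = {1812: "RADIUS authentication", 1813: "RADIUS accounting"}

def classify_icmp(packet: bytes) -> str:
    """Classify raw IPv4 bytes (starting at the IP header) that carry ICMP."""
    if len(packet) < 20 or packet[0] >> 4 != 4 or packet[9] != 1:
        return "not IPv4/ICMP"
    icmp = packet[(packet[0] & 0x0F) * 4:]
    if len(icmp) < 8:
        return "truncated ICMP"
    icmp_type, code = icmp[0], icmp[1]
    if icmp_type == ECHO_REQUEST:
        return "echo request (ping)"
    if icmp_type == ECHO_REPLY:
        return "echo reply (ping answered)"
    if icmp_type != DEST_UNREACH:
        return f"other ICMP type {icmp_type}"
    # Type 3 quotes the offending datagram: its IP header plus at least
    # the first 8 bytes of payload, which for UDP is the whole UDP header.
    inner = icmp[8:]
    if code == PORT_UNREACH and len(inner) >= 20 and inner[9] == 17:
        udp = inner[(inner[0] & 0x0F) * 4:]
        if len(udp) >= 4:
            dport = struct.unpack("!H", udp[2:4])[0]
            service = RADIUS_PORTS.get(dport, "unknown service")
            return f"port unreachable: no listener on UDP {dport} ({service})"
    return f"destination unreachable, code {code}"

def _ipv4(proto: int, src: bytes, dst: bytes, payload: bytes) -> bytes:
    """Build a constructed IPv4 packet (checksum left at 0, not validated)."""
    header = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload),
                         0, 0, 64, proto, 0, src, dst)
    return header + payload

# Constructed sample packets; addresses are documentation-range placeholders
# that only reuse the thread's last octets (.240 controller, .127 ClearPass).
CONTROLLER, CLEARPASS = bytes([192, 0, 2, 240]), bytes([192, 0, 2, 127])
RADIUS_REQ = _ipv4(17, CONTROLLER, CLEARPASS, struct.pack("!HHHH", 40000, 1812, 8, 0))
PING = _ipv4(1, CLEARPASS, CONTROLLER, struct.pack("!BBHHH", 8, 0, 0, 1, 1))
UNREACH = _ipv4(1, CLEARPASS, CONTROLLER,
                struct.pack("!BBHI", 3, 3, 0, 0) + RADIUS_REQ)

if __name__ == "__main__":
    for name, pkt in (("manual ping", PING), ("after RADIUS request", UNREACH)):
        print(f"{name}: {classify_icmp(pkt)}")
```

A port-unreachable result for UDP 1812 points at the RADIUS listener on the server rather than at routing or firewalling between the two hosts.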
Guru Elite
Posts: 21,499
Registered: ‎03-29-2007

Re: ClearPass Communication Issue w/ Controller

When you upgrade the server certificate, you have to restart the radius server service manually...



Colin Joseph
Aruba Customer Engineering

MVP
Posts: 395
Registered: ‎05-09-2013

Re: ClearPass Communication Issue w/ Controller

That is interesting, that very well may have been what happened. I wasn't aware of that, thanks for the info!


Thank you.

Michael Haring | AIS Consultant
Architecture and Implementation Solutions
Optiv Security Inc. | www.optiv.com