Security

last person joined: 7 hours ago 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

ClearPass RADIUS Accounting - Wired 802.1x

This thread has been viewed 5 times

  • 1.  ClearPass RADIUS Accounting - Wired 802.1x

    Posted Jul 18, 2016 08:57 PM

     

    Trying to get the Framed-IP-Address sent by ClearPass to a RADIUS accounting proxy target for a Wired 802.1x policy but doesnt seem to be working.

     

    Using an HP Comware 5 switch as NAS which is configured for RADIUS.

     

     

     

    1.png

     

    Same thing is working for a wireless policy, where Framed-IP can be seen in the RADIUS accounting logs.

     

    Anyone got this working?



  • 2.  RE: ClearPass RADIUS Accounting - Wired 802.1x
    Best Answer

    EMPLOYEE
    Posted Jul 18, 2016 08:58 PM
    Be sure you have DHCP snooping enabled on the switch.


  • 3.  RE: ClearPass RADIUS Accounting - Wired 802.1x

    Posted Jul 19, 2016 12:22 AM

    Perfect! That did it!

     

    For posterity - to enable on a comware 5 device acting as an edge switch:

     

    [SWITCH] dhcp-snooping

    [SWITCH] interface <uplink to L3 switch / DHCP server port>

    [SWITCH] dhcp-snooping trust

     

    Verify with 

     

    [SWITCH] display dhcp-snooping