I created a VirtualController for a group of IAPs. I can get to the VC and see my cluster of IAPs to manage through the assigned APs. I added the VC IP into ClearPass under Configuration->Network->Devices. I then created the radius servers on the IAP using the same shared secret and ensuring the correct IPs were used. When I try to connect to a SSID that requires radius auth through CP it fails and doesn’t hit CPPM.
My next test was to take the IP of the AP and NOT the IP of the VC and add it to ClearPass. Once I did that and removed the VC IP for CPPM everything worked.
Can clearpass use the VC IP to perform radius authentications?