Security

I have been following several guides by Danny Jump,

ClearPass 6.X and PANW Integration V5

and

PANW and CPPM Advanced Deployment use-case TechNote (V2-July 2014).pdf

Which have helped with the wireless integration but I'm missing something in the enforcement policy or profile because wireless. I do not see an accounting tab on the access Tracker but the username is being populated correctly from the Guest Device Repository. I see the IP being updated in the EP database. I can provide more information just not sure where to go next.

Thanks,

Rosie

Only the best, Alcatel.

I have the following configurations on the Alcatel switch

aaa radius-server "Clearpass" host x.x.x.x <other stuff> auth-port 1812 acct-port 1813

aaa authentication mac Clearpass

aaa accounting mac Clearpass

802.1x 1/31 direction both port-control auto quiet-period 60 tx-period 30 supp-timeout 30 server-timeout 30 max-req 2 re-authperiod 3600 no reauthentication
802.1x 1/31 supplicant bypass enable
802.1x 1/31 captive-portal session-limit 12 retry-count 3
802.1x 1/31 captive-portal inactivity-logout disable
802.1x 1/31 supp-polling retry 10
802.1x 1/31 supplicant policy authentication pass group-mobility default-vlan fail block
802.1x 1/31 non-supplicant policy authentication pass group-mobility block fail default-vlan
802.1x 1/31 captive-portal policy authentication pass default-vlan fail block

I see data coming in the live monitoring->accounting but not under a tab for the connection in Access Tracker. What I'm also not seeing come across from multiple switch vendors is Framed IP Address. I'm wondering if this is why I'm not seeing the data in PAN.