I use ClearPass to authenticate wired network computers (on cisco switch).
I first use 802.1x (with certificate) during 30secondes (tx-period = 10, max-reauth-req = 2), and if it failed I use MAB.
After both 802.1x and MAB authentication I have a post_authentication enforcement that update Endpoint attribut (time_of_authentication, type_of_authentication = MAB or DOT1X).
Sometimes, some devices success in 802.1x just after the change of authentication method on the switch (from 802.1x to MAB). When it's happend, on the ClearPass tracker I can see the MAB authentication success and some seconds later the DOT1X authentication success for the same mac address (same Endpoint).
The problem is that the Endpoint attribute contains the "time_of_authentication" value from the DOT1X authentication (the second authentication), but the "type_of_authentication" contains value for the MAB (the first authentication). I have a mixed between the two post_authentication.
When two authentication process (MAB and DOT1X) for the same Endpoint are very close, how can we forced ClearPass not to mixed Endpoint Attribute update ?
I tried to increase the tx-period to avoid having DOT1X and MAB in the same time, but always this problem with very slow computer.