Security

last person joined: yesterday 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

Error when referencing a new value in an existing Clearpass dictionary

This thread has been viewed 0 times

  • 1.  Error when referencing a new value in an existing Clearpass dictionary

    Posted Dec 17, 2013 11:23 AM

    I was trying to get an advanced feature, the equivalent of downloadable ACLs, to work on a Juniper switch and I ran into an issue. I had to add a string to the Juniper dictionary in ID #48. I exported the Juniper dictionary, made the change, and then re-imported the dictionary - without an error. I then tried to reference the new string in an enforcement profile and it threw the following error in the logs from Access Tracker:

     

    2013-12-10 16:43:01,211[RequestHandler-1-0x7fc3e4761700 h=857

    c=R00000026-01-52a78ae5] ERROR Common.RadiusDictTable - No Attribute for

    VendorId = 2636, AttrId = 482013-12-10

    16:43:01,211[RequestHandler-1-0x7fc3e4761700 h=857

    c=R00000026-01-52a78ae5] ERROR Common.RadiusVendorAttrMap - Invalid

    attribute Id=48 Vendor=Juniper2013-12-10

    16:43:01,211[RequestHandler-1-0x7fc3e4761700 h=857

    c=R00000026-01-52a78ae5] ERROR Common.BaseRadiusEnfProfileCacheObj -

    Failed to insert Vendor=Juniper attrId=48 Value=match destination-ip

    8.8.8.8/32 action deny

     

    I hadn't come across an error like this before, and wasn't sure how to proceed. My next step may be to create a brand new dictionary from scratch, with only this value, and then see what happens.

     

    Any help would defintitely be appreciated - thanks!

     

    -Mike

     

     


  • 2.  RE: Error when referencing a new value in an existing Clearpass dictionary

    EMPLOYEE
    Posted Dec 17, 2013 12:38 PM
    Mike,

    It looks like a mapping error on the dictionary and I havent seen that issue before can you open a TAC case and let them dig into it?


  • 3.  RE: Error when referencing a new value in an existing Clearpass dictionary

    Posted May 05, 2015 06:04 PM

    Hi Mike,

     

    I know this is an old question, but I had exactly the same problem.  For anyone else out there, you need to restart the RADIUS service on Clearpass in order for it to reload all of the dictionary attributes - even though they already show up in the GUI for your Authorization profiles.

     

    Cheers,

     

    Ben