12-17-2013 08:23 AM
I was trying to get an advanced feature, the equivalent of downloadable ACLs, to work on a Juniper switch and I ran into an issue. I had to add a string to the Juniper dictionary in ID #48. I exported the Juniper dictionary, made the change, and then re-imported the dictionary - without an error. I then tried to reference the new string in an enforcement profile and it threw the following error in the logs from Access Tracker:
2013-12-10 16:43:01,211[RequestHandler-1-0x7fc3e4761700 h=857
c=R00000026-01-52a78ae5] ERROR Common.RadiusDictTable - No Attribute for
VendorId = 2636, AttrId = 482013-12-10
c=R00000026-01-52a78ae5] ERROR Common.RadiusVendorAttrMap - Invalid
attribute Id=48 Vendor=Juniper2013-12-10
c=R00000026-01-52a78ae5] ERROR Common.BaseRadiusEnfProfileCacheObj -
Failed to insert Vendor=Juniper attrId=48 Value=match destination-ip
220.127.116.11/32 action deny
I hadn't come across an error like this before, and wasn't sure how to proceed. My next step may be to create a brand new dictionary from scratch, with only this value, and then see what happens.
Any help would defintitely be appreciated - thanks!
12-17-2013 09:38 AM
It looks like a mapping error on the dictionary and I havent seen that issue before can you open a TAC case and let them dig into it?
--Give Kudos: found something helpful, important, or cool? Click Kudos Star in a post.
--Problem Solved? Click "Accepted Solution" in a post.
05-05-2015 03:04 PM
I know this is an old question, but I had exactly the same problem. For anyone else out there, you need to restart the RADIUS service on Clearpass in order for it to reload all of the dictionary attributes - even though they already show up in the GUI for your Authorization profiles.