Security

Reply
Super Contributor I
Posts: 307
Registered: ‎02-07-2013

Issue with proxying auth requests

Hi,

Having configured clearpass 6.5 to successfully proxy off auth requests to a Freeradius server and assigning a vlan using a value in the access-accept packet I then had to move my dev server onto anotherESX cluster.

Having backed up the CPPM config I creared another VM on the new cluster and restored the confg from the backup.

 

This is where you discover all the things that aren't in the backup, but I got round them o.k.

 

The problem is that althugh CPPM is proxying off an auth request to FR and FR is sending back an access accept with "stuff" to use, CPPM is sitting there saying that  the remote host hasn't responded.

 

FR send back

 

Tue Apr 21 17:31:28 2015 : Info: Sending Access-Accept packet to host 144.32.129.12
6 port 1814, id=23, length=0
Tue Apr 21 17:31:28 2015 : Info:        Tunnel-Private-Group-Id:0 = "226"
Tue Apr 21 17:31:28 2015 : Info:        Proxy-State = 0x3834
Tue Apr 21 17:31:28 2015 : Info:        Acct-Interim-Interval = 1800
Tue Apr 21 17:31:28 2015 : Info:        Termination-Action = RADIUS-Request
Tue Apr 21 17:31:28 2015 : Info:        Session-Timeout = 28800
Tue Apr 21 17:31:28 2015 : Info:        Tunnel-Type:0 = VLAN
Tue Apr 21 17:31:28 2015 : Info:        Tunnel-Medium-Type:0 = IEEE-802

 

I've tried setting up another proxy server and it does the same thing.

 

Just downloading patch 1 for 6.5 to see if that makes a difference .

 

A

Aruba Employee
Posts: 571
Registered: ‎04-17-2009

Re: Issue with proxying auth requests

You could do a packet capture from CPPM to make sure that the response is getting to CPPM.

 

Thanks,

Zach Jennings
Search Airheads
Showing results for 
Search instead for 
Did you mean: