Hi,
So i'm using a 802.1x SSID in combination with OnGuard. However, I can't seem to get the wireless users to change roles or re-run the authentication (without disconnecting (as in bouncing) them with the agent).
I've already gone through the usual stuff about this type of configuration:
- Checked RFC3576 servers and keys
- No firewall in between (same subnet)
- All NAD's are added and CoA checkbox is marked
- Have the server derivation rules (see screenshot)
- Have a web auth service for health check only
- Have cached roles and posture results
Wired works perfectly but can work with bounce client (which is not really useful for wireless clients as they won't reconnect. I've tried CoA terminate sessions, A CoA coupled with a user-role but nothing seems to be working. Role always stays the same.
Can someone help?