Security

Reply
Occasional Contributor II

Radius CoA Bounce Host-Port Failed

Hi all,

 

I'm having an issue with Radius CoA, which doesn't work as I expected. What I'm trying to do is to use CPPM to authenticate a device based on its MAC address, then profile it and after that have CPPM send bounce host-port message to the switch to assign proper VLAN for that device. The authentication and profiling process have worked well so far. However, I got stuck at CoA step:

Summary.png

 

hpe_failed.png

 

I'm using an Aruba 5400 switch for testing. I tried changing the CoA profile to Aruba Bounce Host-Port (instead of HPE Bounce Host-Port), but it didn't work either:

aruba_failed.png

 

I checked the switch and look like it did receive CoA messages from CPPM:

radius_dyn_author.png

 

Below is my configuration on CPPM and Aruba switch:

cppm.png

 

switch.png

 

Please tell me what I did wrong. I really appreciate your help.

 

Thank you,

Occasional Contributor II

Re: Radius CoA Bounce Host-Port Failed

Hi,

 

Can anyone share your ideas on this? Where should I check next to make it work?

 

Thank you,

Guru Elite

Re: Radius CoA Bounce Host-Port Failed

What message do you get when try it manually from Access Tracker?

Tim Cappalli | Aruba Security TME
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
Occasional Contributor II

Re: Radius CoA Bounce Host-Port Failed

Hi cappali,

 

I got ACCEPT message from Radius server but the Radius CoA tab showed that bounce host-port had failed.

 

aruba_failed.png

Guru Elite

Re: Radius CoA Bounce Host-Port Failed

Are both the switch and ClearPass server using NTP?

Tim Cappalli | Aruba Security TME
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: