Security

Reply
Occasional Contributor I
Posts: 9
Registered: ‎04-04-2016

UnknownAutzParams - Juniper / Trapeze CoA

Hi Everyone,

 

I am trying to send a CoA request to a Juniper (Trapeze) WLC 880R. 

 

I am getting the following errors in the logs from the Enforcement Policy.

 

DEBUG Core.PETaskRadiusCoAEnfProfileBuilder - Adding attr=Radius:IETF:NAS-IP-Address|value=%{Application:WebLoginURL:portal_ip} to the EnforcementProfile outlist
DEBUG Core.PETaskRadiusCoAEnfProfileBuilder - Adding attr=Radius:IETF:Calling-Station-Id|value=%{Connection:Client-Mac-Address-Colon} to the EnforcementProfile outlist
DEBUG Core.PETaskRadiusCoAEnfProfileBuilder - Adding attr=Radius:IETF:Filter-Id|value=ClusterPermitALL.in to the EnforcementProfile outlist
DEBUG Core.PETaskRadiusCoAEnfProfileBuilder - Adding attr=Radius:Trapeze:Trapeze-CoA-Username|value=%{Authentication:Username} to the EnforcementProfile outlist
DEBUG Core.PETaskRadiusCoAEnfProfileBuilder - buildParamsToFetch: Building parameters to fetch for RadiusCoAEnforcement
INFO Core.PETaskRadiusCoAEnfProfileBuilder - UnknownAutzParams to fetch for RadiusCoAEnfProfiles: :
INFO Core.PETaskRadiusCoAEnfProfileBuilder - UnknownNAutzParams to fetch for RadiusCoAEnfProfiles: :

 

I can see no payload even arriving at the Receving WLC. 

 

Any Ideas?

 

Thanks,

 

Jaggie

CP 6.6

MVP
Posts: 4,301
Registered: ‎07-20-2011

Re: UnknownAutzParams - Juniper / Trapeze CoA

Try this and see if it works:

Screen Shot 2016-04-21 at 12.06.50 PM.png

Thank you

Victor Fabian
Lead Mobility Engineer @ Integration Partners
AMFX | ACMX | ACDX | ACCX | CWAP | CWDP | CWNA
Occasional Contributor I
Posts: 9
Registered: ‎04-04-2016

Re: UnknownAutzParams - Juniper / Trapeze CoA

Hi Victor,

 

I added the the Framed IP Addrress as this was the only thing that was different in my policy to your screenshot.

 

I am assuming that the order doesn't make any difference?

 

Thanks,

 

Jaggie

MVP
Posts: 4,301
Registered: ‎07-20-2011

Re: UnknownAutzParams - Juniper / Trapeze CoA

No

Sent from Outlook for iPhone
Thank you

Victor Fabian
Lead Mobility Engineer @ Integration Partners
AMFX | ACMX | ACDX | ACCX | CWAP | CWDP | CWNA
Occasional Contributor I
Posts: 9
Registered: ‎04-04-2016

Re: UnknownAutzParams - Juniper / Trapeze CoA

Unfortunately I have the exact same error.

 

Thanks,

 

John

MVP
Posts: 4,301
Registered: ‎07-20-2011

Re: UnknownAutzParams - Juniper / Trapeze CoA

Do you have accounting enabled on the trapeze WLC ?

Sent from Outlook for iPhone
Thank you

Victor Fabian
Lead Mobility Engineer @ Integration Partners
AMFX | ACMX | ACDX | ACCX | CWAP | CWDP | CWNA
Occasional Contributor I
Posts: 9
Registered: ‎04-04-2016

Re: UnknownAutzParams - Juniper / Trapeze CoA

Nope accounting is not enabled but I have added the CP server as a DAC server on the WLC.

 

I have other DAC servers that can make CoA requests to these WLCs and accounting is not enabled for them either.

 

Thanks,

 

Jaggie

MVP
Posts: 4,301
Registered: ‎07-20-2011

Re: UnknownAutzParams - Juniper / Trapeze CoA

I ran into an issue with CoA and trapeze when accounting was enabled.

Also how do you have the trapeze WLC identified as under network devices ?

Sent from Outlook for iPhone
Thank you

Victor Fabian
Lead Mobility Engineer @ Integration Partners
AMFX | ACMX | ACDX | ACCX | CWAP | CWDP | CWNA
Occasional Contributor I
Posts: 9
Registered: ‎04-04-2016

Re: UnknownAutzParams - Juniper / Trapeze CoA

Accounting is enabed on CP but not on the Juniper WLC. 

 

CP is doing accounting for an Aruba Mobility Controller.

 

The device is declared as "Trapeze" but I have also tried to swap this to "Juniper" with the same error.

 

Thanks,

 

Jaggie

MVP
Posts: 4,301
Registered: ‎07-20-2011

Re: UnknownAutzParams - Juniper / Trapeze CoA

Please change it to IETF as vendor name
Thank you

Victor Fabian
Lead Mobility Engineer @ Integration Partners
AMFX | ACMX | ACDX | ACCX | CWAP | CWDP | CWNA
Search Airheads
Showing results for 
Search instead for 
Did you mean: