Security

Hi all,
I have an issue with profiling using coa. My coa works fine, it can disconnect users after allowing the user to do a dhcp process. But i have an issue where in my endpoint, the user endpoint category wont get updated. It's like the option55 doesnt get forwarded to the clearpass or my clearpass cannot read it.
I tried to sniff the dhcp process and i can confirm thr option55 is there in the request.
All happens in same subnet so firewall should not be an issue.
I need an idea what i have to check. Kinda stuck here. Thanks in advance.

One more thing, the access switch is the dhcp server, both wlc and switch already has helper address to clearpass.

Look at this from the perspective of not profiling. Don't bring in CoA to this yet as an issue or part of it. Is anything profiling in ClearPass? 

Many switches will not relay if the the server is in the same subnet.

Hi Seth, let say it doesnt. What do i check?

Hi Tim. I use 2960. It works in my lab and i only restore everything to my customer poc environment. The different is just the 2960 the dhcp server now.

found the workaround.

seems like i cannot run the access switch that forwarding ip helper as dhcp server.

when i remove dhcp server config from the switch and put it on other devices, profiling works just fine. probably just a bug on switch side. i am using 15.2(2)E7