a month ago
I have a tunnel DMZ setup and working, thanks to many posts here and a very helpful SE. I have CPPM CoA / rfc-3576 disconnects working on all my regular SSIDs and controllers, but it doesn't work from clearpass guest on the tunnel DMZ. The NAS for the tunneled connections show up as my Master Controller on CPG.
I have the rfc-3576-server entries on all the aaa profiles on the controllers, but I always get the error:
Error disconnecting session for user xxxxxxxx. Please check ClearPass Policy Manager > Monitoring > Live Monitoring > Access Tracker for more details.
and there's never anything in the Access Tracker. As I mentioned, the NAS for the tunneled connections is listed as my master controller on CGP, so I suspect it doesn't know where to send back the disconnect to..
University of Delaware