Wireless Access

Reply
Contributor II

Tunnel DMZ for CPPM Guest, CoA / rfc-3576 not working

I have a tunnel DMZ setup and working, thanks to many posts here and a very helpful SE.  I have CPPM CoA / rfc-3576 disconnects working on all my regular SSIDs and controllers, but it doesn't work from clearpass guest on the tunnel DMZ.  The NAS for the tunneled connections show up as my Master Controller on CPG. 

 

I have the rfc-3576-server entries on all the aaa profiles on the controllers, but I always get the error:

 

Error disconnecting session for user xxxxxxxx. Please check ClearPass Policy Manager > Monitoring > Live Monitoring > Access Tracker for more details.

 

and there's never anything in the Access Tracker.  As I mentioned, the NAS for the tunneled connections is listed as my master controller on CGP, so I suspect it doesn't know where to send back the disconnect to..

 

thanks

mike

 

Mike Davis
Network Engineer
University of Delaware
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: