Skip to main content (Press Enter).
Register | Sign in
Skip auxiliary navigation (Press Enter).
Skip main navigation (Press Enter).
Toggle navigation
Discussion
Support
Technical Product Details
Community Learning
News
Events
Search
Blog Viewer
AAA, NAC, Guest Access & BYOD
View Only
Community Home
Discussion
22
Library
796
Members
164
last person joined: 3 days ago
Clearpass, CPPM, OnBoard, OnGuard, Guest, QuickConnect, AirGroup, IntroSpect
Why ClearPass is not initiating change of authorization(CoA) for rejected radius request client?
By
esupport
Unpublished
2
Kudos
Q:
Why ClearPass is not initiating a CoA request to disconnect the client post rejecting the client's Radius request by responding with access-reject response?
A:
ClearPass uses internal cache "Battery" DB to store the client Radius request data & using data stored in "Battery" DB, CoA will be initiated
Starting from the 6.6.2 version, ClearPass stopped storing the data of rejected Radius requests (Access-Reject) in "Battery" DB
Due to this design change, CoA will not be triggered for the client if its Radius request is rejected by ClearPass for any reason
In case if we need the CoA for any guest/device registration workflow for the new clients then we need to make sure the initial MAC-Auth should be a success by using "Allow All MAC Auth" authentication method. With Access-Accept, we could redirect the new clients to the portal page if necessary using the enforcement profile for registration purposes.
0 comments
29 views
Permalink
Privacy policy
Terms of service
Site Map
Legal
© Copyright 2021 Hewlett Packard Enterprise Development LP
All Rights Reserved.
Powered by Higher Logic