in order to implement wired guest service, we currently try to initiate a CoA Port Bounce on a HPE Aruba 2930M Stack with WC.16.09.0004 installed. Clearpass is running in Version 188.8.131.52034 on C2000V platform.
Troubleshooting done so far:
- Both CPPM and Switch are running NTP.
- Switchconfig was checked with this guide: http://h22208.www2.hpe.com/eginfolib/networking/docs/switches/WB/15-18/5998-8152_wb_2920_asg/content/ch06s04.html#s_Configuring_the_switch_to_access_a_RADIUS_server
- Switch is added as NAD with vendor Hewlett-Packard-Enterprise- Standard-CoA-Port 3799 is used
radius-server host X.12 key XXX
radius-server host X.12 dyn-authorizationradius-server host X.12 time-window plus-or-minus-time-windowradius-server host X.12 time-window 0
Please help, why we are receiving the folling error message when trying to send a CoA:Radius [ArubaOS Switching - Bounce Switch Port] failed for client 48XXXfXX. Unsupported-Attribute.
thanks for the immediate reply :)
Actually the times match, because both devices are using NTP to synchronize against our AD-Servers.
Here some screenshots:
This is a bug in 6.8.3. A hotfix will be released next week to address this issue.
A note was added to the download shortly after it was discovered and it is in the release notes: https://www.arubanetworks.com/techdocs/ClearPass/CP_ReleaseNotes_6.8.3/Default.htm#WhatsNew/KnownThisRls.htm#known_35984
No - we are not using VIP even though we have a Clearpass-Cluster. This is because we are not L2-Connected between the nodes.
In the switch there are both CPPM-Nodes configured as radius hosts and we do the failover via the switch logic.
We are currently doing some Wireshark and we can see, that CPPM is correctly sending the COA but the switch is returning the CoA-NAK:
At Aruba, we believe that the most dynamic customer experiences happen at the Edge. Our mission is to deliver innovative solutions that harness data at the Edge to drive powerful business outcomes.
© Copyright 2021 Hewlett Packard Enterprise Development LPAll Rights Reserved.