I have been rolling out ClearPass to our company for wireless 802.1x authentication.
I have now been testing it for wired profiles and currently on a Cisco switch when a user attempts to connect they are getting a timeout message.
The access tracker shows the timeout and the below:
The logs show:
2020-05-25 13:05:38,396 [main SessId R000000a5-01-5ecbb45d] ERROR RadiusServer.Radius - reqst_clean_list: Deleting request sessid - R000000a5-01-5ecbb45d, state - AHAA6QD9AAG5AwAAJ+ucxvGpis/K+hD2S1ejqA=
2020-05-25 13:05:38,396 [main SessId R000000a5-01-5ecbb45d] ERROR RadiusServer.Radius - reqst_clean_list: Packet 250:151:88:00-24-9B-0D-E2-E3 recv 1590408285.329495 - resp 1590408285.332988
Not sure what this could be be.
I have selected it to use EAP-TLS however in the access tracker I noticed this:
Any ideas on what the above logs could mean?
The majority of the time, if this is a new network, it means that the client has never seen the ClearPass Server certificate and has to click on accept.
If you are using EAP-TLS does certificate is already present in client machine?
Check CPPM access tracker log for more details, if you see access-challenge from server and if it nor receiving any response it means either switch not forwarding the request to client or clients itself not responding back to challenge.
Check switch logging logs as well for more details to see if it forwarded request to client or not.
At Aruba, we believe that the most dynamic customer experiences happen at the Edge. Our mission is to deliver innovative solutions that harness data at the Edge to drive powerful business outcomes.
© Copyright 2020 Hewlett Packard Enterprise Development LPAll Rights Reserved.