Hi
If you check the Event log, do you get error messages about an unknown device trying to authenticate?
Before the switch can communicate with ClearPass you need to allow it under Configuration \ Network \ Devices. Add the switch IP or the subnet, specify Vendor as Cisco and provide the same shared secret as in the switch. In your configuration above 123. Consider making the shared secret a bit longer.
You can find the documentation how to implement the Wired enforcement in this document:
ClearPass Solution Guide Wired Policy Enforcement
This will describe both the ClearPass configuration and the switch configuration.
From page 128 you have the Cisco switch configuration
------------------------------
Best Regards
Jonas Hammarbäck
MVP Guru 2024, ACEX, ACDX #1600, ACCX #1335, ACX-Network Security, Aruba SME, ACMP, ACSA
Aranya AB
If you find my answer useful, consider giving kudos and/or mark as solution
------------------------------
Original Message:
Sent: Aug 21, 2024 07:53 AM
From: adel
Subject: adding device to clearpass
i am new to cleaarpass and trying to add cisco switch and other pc attached to the switch,
i have added below radius configuration to the switch (switch can ping clearpass and vice versa)
aaa new-model
!
!
aaa authentication dot1x default group radius
aaa authorization exec default local group radius
aaa authorization network default group radius
aaa accounting dot1x default start-stop group radius
!
aaa server radius dynamic-author
client 10.20.20.254 server-key 123
port 3799
auth-type all
!
!
dot1x system-auth-control
!
!
interface eth 0/0 ( connected to PC)
switchport mode access
authentication order dot1x mab
authentication priority dot1x mab
authentication port-control auto
mab
dot1x pae authenticator
!
!
snmp-server community CPPM RO
!
!
radius server CPPM
address ipv4 10.20.20.254 auth-port 1645 acct-port 1646
key 123
when I add device IP in clearpass it does not show on endpoints or access tracker any devices, also I added wired service
what is the configuration needed between the cisco switch interface and clearpass.
other word clearpass does not react at all to the connected devices.