I'm running a Clearpass cluster (6.11.5) with 3 multi-site nodes.
2530 / 2540 /2930f switches and IAP clusters. It's working.
I have a question for wired access:From Access Tracker, is it normal that I can't bounce on a switch port that hasn't been authenticated by the cluster member I'm connected to on the web interface?I get the message "No response from network device". With tcpdump, I don't see any traffic on port 3799 from the server.
To make it work, i have to connect to the cluster member (publisher or subscriber) who authenticated the device.
Port 3799 is open and works for all sites. I've tested CoA by modifying the configuration of a switch to put one clearpass server at a time.
I thought you could do this from the publisher. But I may have a configuration problem.
I my 6.9.13 cluster with 6300M AOS CX no matter on which sub I am to bounce a port.
I hope this behaviour will be the same after my upgrade
Did you configure zones? Reason for asking is that lookup of the session information for CoA may only work on ClearPass nodes that are in the same zone.
© Copyright 2024 Hewlett Packard Enterprise Development LPAll Rights Reserved.