Hi All,
I have a scenario with Clearpass, Wireless Controller and RAPs in bridge mode on branches. On each branch I have a Fortinet firewall that does the web filter inspection.
We've configured Clearpass to send the Accounting Radius to the Fortinet Firewall successfully. However we are observing an abnormal behavior of Accounting Radius sent and in the packet capture we have identified that the Clearpass is sending Radius Start and after a few seconds Radius Stop. Making users disconnect from the RSSO rule in Fortinet.
By the capture analysis the cause of Radius STOP was idle user timeout.
In the AAA profile I have not configured the user idle timeout.
Has anyone ever been in this situation?
Thanks,
Ed