Yes. Please install your PEF licenses, enable them, and then try again?
------------------------------
Dustin Burns
Lead Mobility Engineer @Worldcom Exchange, Inc.
ACCX 1271| ACMX 509| ACSP | ACDA | MVP Guru 2022
If my post was useful accept solution and/or give kudos
------------------------------
Original Message:
Sent: Jun 29, 2022 01:53 PM
From: BILLOT Emmanuel
Subject: Clearpass / Guest access not working anymore
Controler do not have such address and it did not have before.
You speak about captive portal "running", does any process may be running ? How could i check it ?
Does captif portal need PEF ? Maybe licence add was not complete ?
Original Message:
Sent: Jun 29, 2022 01:17 PM
From: Dustin Burns
Subject: Clearpass / Guest access not working anymore
Did you check to see if your controller has an IP address in the Guest VLAN? Looks like captive portal is not launching.
------------------------------
Dustin Burns
Lead Mobility Engineer @Worldcom Exchange, Inc.
ACCX 1271| ACMX 509| ACSP | ACDA | MVP Guru 2022
If my post was useful accept solution and/or give kudos
Original Message:
Sent: Jun 29, 2022 01:08 PM
From: BILLOT Emmanuel
Subject: Clearpass / Guest access not working anymore
Hi,
Problem is that no configuration was changed and "before" licence add (i don't know why), requests were catched by service.
I found what was the condition that make request not match :
| Connection | Client-Mac-Address | NOT_EQUALS | %{Radius:IETF:User-Name} |
this condition WAS WORKING BEFORE.
Removing it make service match but captive portal does not work too...
Actually, users are not "catched" by captive portal, and clients come with MAC adress as user and that make service not match.
No change was made on clearpass, only on controler, and that was only licence add... So controler seems to be "misconfigured" or going crazy ?
What could i do to debug it ?
Original Message:
Sent: Jun 29, 2022 12:27 PM
From: Dustin Burns
Subject: Clearpass / Guest access not working anymore
"Failed to classify request to service" means that none of your ClearPass services are matching the radius request. Check the service you want it to hit, and see if there was something that changed after the controller reboot. You can see the attributes in the RADIUS request portion of the access tracker entry. In your services see if the RADIUS request attributes line up with the service. Does your controller have an IP in the guest VLAN to allow for the captive portal to work? Maybe somehow that is missing?
------------------------------
Dustin Burns
Lead Mobility Engineer @Worldcom Exchange, Inc.
ACCX 1271| ACMX 509| ACSP | ACDA | MVP Guru 2022
If my post was useful accept solution and/or give kudos
Original Message:
Sent: Jun 29, 2022 12:21 PM
From: BILLOT Emmanuel
Subject: Clearpass / Guest access not working anymore
Hi,
I recently experienced a boring issue : last week i add 20 AP licences and PEF to our controler. Import was a success.
Some issue begin to appear on 802.1X SSID, with no real cause.
I rebooted controler and all seemed to be ok.
However, i notice after that Guest access was no more working too, even after controler reboot.
In clearpass, all request fail with "Failed to classify request to service" as all clients come with mac address as username, and do not trigger captive portal.
No other configuration was modified, only new licence import. No way to make guest work again, when a guest request is done; controler says "Authentication server request Timeout" and clearpass reject all request with "Failed to classify request to service".
Does anyone know what could happen ?
Regards,