I see similar posts in the past but no analysis or resolution yet. I have implemented profiling of wired clients via separate vlan with DHCP and DHCP relay to clearpass and it is working great. Unclassified clients are put in this separate vlan, receive a message that profiling is taking place and after about 1,5 minutes are redirected to their work vlan. As it was described in Wired Deployment Guide by TimC.
This all works great except that MAC authenticated clients get CoA Disconnect message every 10 minutes. I have enabled Profiling on the Wired MAC authentication service. All these clients are already successfully profiled.
I'm working with TAC on this issue. We narrow down that the problem is as the Profiler send those CoAs disconnects. Switches are ArubaOS 16.10.0012. Ports are configured with mac and 802.1x authentication. auth-order is authenticator mac-based and auth-priority is mac-based authenticator.
Does anybody already suggestions on how to resolve this problem?
Best, Gorazd
------------------------------
Gorazd Kikelj
------------------------------