Hi,
got ClearPass working but started receiving random people complaining that they could not login.
Switchport gets turned off/on several times while the user logins causing all sort of issues:
I 01/21/19 10:14:19 00076 ports: ST1-CMDR: port 1/21 is now on-line
I 01/21/19 10:14:19 00435 ports: ST1-CMDR: port 1/21 is Blocked by STP
I 01/21/19 10:14:19 00435 ports: ST1-CMDR: port 1/21 is Blocked by AAA
I 01/21/19 10:14:16 00077 ports: ST1-CMDR: port 1/21 is now off-line
I 01/21/19 10:14:10 00076 ports: ST1-CMDR: port 1/21 is now on-line
I 01/21/19 10:14:10 00435 ports: ST1-CMDR: port 1/21 is Blocked by STP
I 01/21/19 10:14:10 00435 ports: ST1-CMDR: port 1/21 is Blocked by AAA
I 01/21/19 10:14:07 00077 ports: ST1-CMDR: port 1/21 is now off-line
I 01/21/19 10:14:06 00076 ports: ST1-CMDR: port 1/21 is now on-line
I 01/21/19 10:14:06 00435 ports: ST1-CMDR: port 1/21 is Blocked by STP
I 01/21/19 10:14:06 00435 ports: ST1-CMDR: port 1/21 is Blocked by AAA
I 01/21/19 10:14:04 00077 ports: ST1-CMDR: port 1/21 is now off-line
Port configuraiton:
untagged vlan 11
no port-security eavesdrop-prevention
aaa port-access authenticator
aaa port-access authenticator auth-vid 11
aaa port-access authenticator client-limit 2
aaa port-access authenticator cached-reauth-period 86400
aaa port-access mac-based
aaa port-access mac-based addr-limit 4
aaa port-access mac-based logoff-period 9999999
aaa port-access mac-based reauth-period 86400
aaa port-access mac-based cached-reauth-period 86400
aaa port-access controlled-direction in
spanning-tree admin-edge-port
ClearPass does not report any issues. Also logs in ClearPass are 30 seconds behind vs switch logs, but switch and ClearPass are on the same exact time to the second.
I have opened a case but wondering if you have any clues.
thanks