Security


Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).

NAC with 2520 switch

  • 1.  NAC with 2520 switch

    Posted Jun 11, 2018 08:37 AM

    Hi All,

    I am trying to set up port security between ClearPass and a 2520 device. I believe everything is set up OK, but there is nothing showing in Access Tracker or Event Viewer. This is a brand new CPPM and I've set this up on the switch -

    radius-server host 10.x.x.x key "secretkey"
    radius-server host 10.x.x.x dyn-authorization

    aaa accounting update periodic 3
    aaa accounting system start-stop radius

    aaa authentication port-access eap-radius
    aaa port-access authenticator 2
    aaa port-access authenticator 2 client-limit 3

    aaa port-access authenticator active
    aaa port-access mac-based 2
    aaa port-access mac-based 2 addr-limit 3

     

     

    But the show port-access authenticator clients command just shows the client status as "connecting".

    The CPPM is pingable from the switch and vice versa.

    Any ideas?



  • 2.  RE: NAC with 2520 switch

    Posted Jun 11, 2018 08:57 AM

    OK, so it looks like the requests are arriving at another configured server. Is there any way to point the requests to CPPM on a per-port basis, or some other workaround?



  • 3.  RE: NAC with 2520 switch

    EMPLOYEE
    Posted Jun 11, 2018 11:59 AM
    Please check the Event Viewer to see if you have an error in the shared secret or if the NAD is not configured in CPPM. As this is a new installation, you might have missed something.