Security

 View Only
last person joined: yesterday 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Expand all | Collapse all

Radius services stopped working in CPPM

This thread has been viewed 26 times
  • 1.  Radius services stopped working in CPPM

    Posted Feb 14, 2024 12:36 PM

    Hello All ,

    We have an 802.1x service, and one of the AD servers configured in authentication source is not reachable.
    The complete radius service, including mac authentication, is unavailable during the problem period. 
    We have observed AD connection loss and AD/LADP failures in Event Viewer. Has anyone else encountered this problem?
    Once the AD server is reachable, all radius services are operational again.
    How to address the issue permanently ?



  • 2.  RE: Radius services stopped working in CPPM

    Posted Feb 14, 2024 12:50 PM

    During these scenarios do you actually see the "Radius server" Service in a "stopped" state (shown in Services Control)?



    ------------------------------
    If my post was useful, please Accept Solution and Give Kudos.
    ------------------------------
    Zak Chalupka
    Principal Engineer - HPE Aruba
    ACDX | ACMP | ACSP | ACCP
    wifizak@hpe.com
    ------------------------------
    Ideas expressed here are solely my own and not necessarily that of HPE Aruba.
    ------------------------------



  • 3.  RE: Radius services stopped working in CPPM

    Posted Feb 14, 2024 12:55 PM

    No it is not in the stopped state and we didn't perform any service restart.




  • 4.  RE: Radius services stopped working in CPPM

    Posted Feb 14, 2024 03:42 PM

    For clarification:

    Are you saying that an AD outage is causing issues with CPPM service enforcement, on services that are not configured with that AD Authentication Source? 



    ------------------------------
    If my post was useful, please Accept Solution and Give Kudos.
    ------------------------------
    Zak Chalupka
    Principal Engineer - HPE Aruba
    ACDX | ACMP | ACSP | ACCP
    wifizak@hpe.com
    ------------------------------
    Ideas expressed here are solely my own and not necessarily that of HPE Aruba.
    ------------------------------



  • 5.  RE: Radius services stopped working in CPPM

    Posted Feb 15, 2024 11:57 AM

    Yes Zak Chalupka , 

    whole radius services are not working due to  a single unreliable AD server. Even MAC authentication services are not working .Only Tacacs auth service are authenticating the users during the issue period.




  • 6.  RE: Radius services stopped working in CPPM

    Posted Feb 15, 2024 05:08 PM

    Can you post a error output from a fail auth during that time?



    ------------------------------
    If my post was useful, please Accept Solution and Give Kudos.
    ------------------------------
    Zak Chalupka
    Principal Engineer - HPE Aruba
    ACDX | ACMP | ACSP | ACCP
    wifizak@hpe.com
    ------------------------------
    Ideas expressed here are solely my own and not necessarily that of HPE Aruba.
    ------------------------------



  • 7.  RE: Radius services stopped working in CPPM

    MVP EXPERT
    Posted Feb 14, 2024 02:10 PM

    What ClearPass version?



    ------------------------------
    Marcel Koedijk | MVP Expert 2023 | ACEP | ACMP | ACCP | ACDP | Ekahau ECSE | Not an HPE Employee | Opinions are my own
    ------------------------------



  • 8.  RE: Radius services stopped working in CPPM

    Posted Feb 15, 2024 11:58 AM

    We are running with 6.10.8 version