What is the EAP method (EAP-PEAP or EAP-TLS)?
Ensure,
the ClearPass Radius certificate is installed with complete chain,
and the Root CA that signed the radius certificate is marked as the trusted anchor in the wired/wireless supplicant profile, if you observer failure only on Windows Client.
Enable debug for the Radius server and check the debug logs from the Access Tracker for more details.
To enabled Debug: Administrator >> Server Manager >> Log Configuration >> Select Service >> Radius Server.