Hello,
I have a problem with the clearpass when I send a Radius Coa to the switch. It always gives me the same error:
0000:00:25:52.77 RAD tRadiusR:DISCONNECT REQUEST id: 7 from 10.253.27.12
DROPPED, Invalid packet authenticator.
I have no problem in the validation user through 802.1x. It works well and in Clearpass validates, however when I send an RCoa the switch does not respond and makes a drop of the package.
This is what I have configured in the switch:
radius-server host 10.253.27.12 encrypted-key "encripted_key"
radius-server host 10.253.27.12 dyn-authorization
radius-server host 10.253.27.12 time-window 0
SW(config)# sh radius
Status and Counters - General RADIUS Information
Deadtime (minutes) : 0
Timeout (seconds) : 5
Retransmit Attempts : 3
Global Encryption Key :
Dynamic Authorization UDP Port : 3799
Source IP Selection : 192.168.116.13
Source IPv6 Selection : Outgoing Interface
Tracking : Disabled
Auth Acct DM/ Time |
Server IP Addr Port Port CoA Window |
--------------- ----- ----- --- ------ +
Encryption Key
-----------------------------------------------------------------------------------------
10.253.27.12 1812 1813 Yes 0 | encripted_key
Disc Disc Disc CoA CoA CoA
IP Address Reqs ACKs NAKs Reqs ACKs NAKs
--------------- -------- -------- -------- -------- -------- --------
10.253.27.12 12 0 0 3 0 0
Can you help me?
TY