Security

last person joined: 20 hours ago 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

CPPM Access Tracker

This thread has been viewed 3 times

  • 1.  CPPM Access Tracker

    Posted Jul 29, 2014 01:00 PM

    Hello.  I am trying to resurrect a once-working CPPM policy/service which responded to a user's login attempt on CPGuest and queries AD and the local guest db.  When testing with a client, I am prompted with the WEB UI page from the policy, but fail authentication with 'Invalid Username or Password.'  I try to check the attempt in Access Tracker, but no entries appear.  Confused as to how I can attempt the authentication without tripping a tracker event.  Any guidance is appreciated.  Thank you!



  • 2.  RE: CPPM Access Tracker

    EMPLOYEE
    Posted Jul 29, 2014 01:15 PM
    Look in Event Viewer to see if the there is an error starting the network device is not defined.


  • 3.  RE: CPPM Access Tracker

    Posted Jul 29, 2014 01:52 PM

    Tim....thanks for the quick reply.  I do not see any events in Event Viewer mentioning that error.  



  • 4.  RE: CPPM Access Tracker

    Posted Apr 30, 2015 09:54 AM

    CPPM Access Tracker No Entry for authentication attempt. 

    I am troubleshooting a similar problem.

    While deploying Mac Caching we unveiled an anomaly in our test bed while changing services and deploying Student and Staff MAC Caching. We have 2 Mac Caching services for students and 2 for staff . Our issue  doesn’t cause a problem but we are trying to understand why it’s happening.  We make a change to a service named Student Access with MAC Caching.. We authenticate using that service.  We see authenticated on device but no entry in CPPM Access Tracker. The next service called Student Mac Caching Service will deny the request and an Access tracker entry appears.

    We really want to see an Access tracker entry for the changed service named Student Access with MAC Caching.

    We reverse the change and of course we get an entry.

    The change is as follows;

    In our Student Access with MAC Caching service we change a service rule reading:

                    Radius:Aruba         Aruba-Essid-Name     Equals     Student

                    Radius:Aruba         Aruba-Essid-Name     Equals     Staff

     I have pulled log files for the service prior to the change and see no entry in log files for anything initiating an entry for CPPM Access tracker.  I have also looked at Event Viewer and do not see any instance of this or any other authentication event or entry event for Access Tracker. 



  • 5.  RE: CPPM Access Tracker
    Best Answer

    Posted May 01, 2015 05:32 AM

    jkeco, I would check the authentication server-group configuration to make sure the requests are definitely being sent to Clearpass. You can also run 'show aaa authentication-server radius statistics' to check the RADIUS packets are being sent and responded to.

     

    KI, have you tried blacklisting and unblacklisting the user on the Aruba controller after the changes to the service have been made? If the user entry still exists in the user-table then they will not need to re-authenticate.

     



  • 6.  RE: CPPM Access Tracker

    Posted May 01, 2015 07:06 AM

    Thanks for the replies, guys!