Security

Hi all,

I'm testing 802.1X wired and using CPPM as Radius server for authentication (my Radius client is a Cisco 2960 switch). I used test aaa command on the switch to test basic Radius communication between it and CPPM, but it kept saying port 1812 was not responding. A packet capture showed that CPPM was sending ICMP Port Unreachable upon receiving Radius requests from the switch. Some Googling gave me two possible reasons:

1) Radius service is stopped

2) CPPM is listening for Radius request on data port, not mgmt port

I'm on a vacation and cannot check the CPPM now. I just want to know if there's still any reason which may cause the CPPM to behave like described above, so I can check them all once I'm back.

Thank you,

Hi,

Have you configured both data and managment port? If you configured data port then radius request will go to data port.

NOTE: The Data Port IP Address must not be in the same subnet as the Management Port IP Address.

Were you able to ping the data port IP from switch? Have you provided correct radius server IP and shared key details in switch, make sure it matches with clearpass key.

Make sure port 1812 is opened if their is any firewall in your network.

After checking above details, if you still have issue, try restart the services.

Regards,

Pavan

CPPM will listen for RADIUS on both ports. Unlikely the RADIUS service is stopped but from your post that remains the only remaining option....

any Firewall in the data-path?