Security

Reply
Highlighted
Frequent Contributor I

ClearPass RADIUS Accounting - Wired 802.1x

 

Trying to get the Framed-IP-Address sent by ClearPass to a RADIUS accounting proxy target for a Wired 802.1x policy but doesnt seem to be working.

 

Using an HP Comware 5 switch as NAS which is configured for RADIUS.

 

 

 

1.png

 

Same thing is working for a wireless policy, where Framed-IP can be seen in the RADIUS accounting logs.

 

Anyone got this working?


Accepted Solutions
Highlighted
Moderator

Re: ClearPass RADIUS Accounting - Wired 802.1x

Be sure you have DHCP snooping enabled on the switch.

| Tim Cappalli | Aruba Security | @timcappalli | timcappalli.me |

NOTE: Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba or Hewlett Packard Enterprise.

View solution in original post


All Replies
Highlighted
Moderator

Re: ClearPass RADIUS Accounting - Wired 802.1x

Be sure you have DHCP snooping enabled on the switch.

| Tim Cappalli | Aruba Security | @timcappalli | timcappalli.me |

NOTE: Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba or Hewlett Packard Enterprise.

View solution in original post

Highlighted
Frequent Contributor I

Re: ClearPass RADIUS Accounting - Wired 802.1x

Perfect! That did it!

 

For posterity - to enable on a comware 5 device acting as an edge switch:

 

[SWITCH] dhcp-snooping

[SWITCH] interface <uplink to L3 switch / DHCP server port>

[SWITCH] dhcp-snooping trust

 

Verify with 

 

[SWITCH] display dhcp-snooping 

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: