Security

last person joined: 20 hours ago 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

Clearpass 6.7 CoA / RADSESC AOS8.4

This thread has been viewed 1 times

  • 1.  Clearpass 6.7 CoA / RADSESC AOS8.4

    Posted Jun 13, 2019 07:44 PM

    When I configure RADSEC on my AAA server in AOS, CoA stops functioning. I receive the error: "Network Device did not respond." When I disable RADSEC everything works as intended.

     

    I currently have the NAS-IP set at the MD level.

     

    I also enabled RADSEC at the rfc-3576 server level via CLI with the same results.

     

    Is this a known issue, or am I missing a step in the configuration?



  • 2.  RE: Clearpass 6.7 CoA / RADSESC AOS8.4
    Best Answer

    EMPLOYEE
    Posted Jun 14, 2019 05:43 AM
    If this is a cluster, RadSec is not supported in a cluster today.


  • 3.  RE: Clearpass 6.7 CoA / RADSESC AOS8.4

    Posted Jun 14, 2019 09:22 AM
    On which side ? I'm assuming you mean the controllers?


  • 4.  RE: Clearpass 6.7 CoA / RADSESC AOS8.4

    EMPLOYEE
    Posted Jun 14, 2019 09:40 AM
    Correct.


  • 5.  RE: Clearpass 6.7 CoA / RADSESC AOS8.4

    Posted Jun 14, 2019 09:43 AM

    Thanks, Tim.

     

    I did want to mention that Radsec seems to work fine on its own. It's just that CoA stops functioning if you enable it. I guess that's the 'not supported' part.



  • 6.  RE: Clearpass 6.7 CoA / RADSESC AOS8.4

    EMPLOYEE
    Posted Jun 14, 2019 11:39 AM
    Correct. Dynamic Authorization is part of RadSec.