Security

Reply
Regular Contributor I

Re: Clearpass CoA Problem

Hi tim,

 

 

yes, that's ticked - I found when it was not ticked I found the CoA radio button was greyed out 

 

but yes thats all there thanks.

 

really appreaciate all this help chaps

MVP Guru

Re: Clearpass CoA Problem

Can you please check the following ?

Show IP radius source interface
Show IP radius nas IP

What do you have set for your controller ip ? Loopback , VLAN or vrrp IP ?
Thank you

Victor Fabian
Lead Mobility Architect @WEI
AMFX | ACMX | ACDX | ACCX | CWAP | CWDP | CWNA
Regular Contributor I

Re: Clearpass CoA Problem

Hi sorry I am on an awkward time zone. I am using avrrp address and will provide output from the command tomorrow uk time.

Thanks again all
Regular Contributor I

Re: Clearpass CoA Problem

(ldnwcmc1) #Show IP radius source-interface

Global radius client source IP address = 172.29.234.6, vlan 200
Global radius client source IPv6 address = ::, vlan 0
Per-server client source IPv4/6 addresses:

(ldnwcmc1) #Show IP radius nas-ip

RADIUS client NAS IP address = 172.29.234.5
RADIUS client NAS IPv6 address = ::1

(ldnwcmc1) #

 

MVP Guru

Re: Clearpass CoA Problem

Make sure that both of those values match and also that you have the same value on your CPPM server
Thank you

Victor Fabian
Lead Mobility Architect @WEI
AMFX | ACMX | ACDX | ACCX | CWAP | CWDP | CWNA
Regular Contributor I

Re: Clearpass CoA Problem

Thanks victor,

 

I have changed these values now they match

 

I am opening a TAC.

 

Thanks

Regular Contributor I

Re: Clearpass CoA Problem

I have made a grave mistake here and as a punishment I will post a diagram of my configuration with all the great feedback I got from all you good folks!!!!!

We are now working!!!!
Regular Contributor II

Re: Clearpass CoA Problem

Hi Nok,

 

Could  you please post what you did to make thingsh happy?

 

Mike

Regular Contributor II

Re: Clearpass CoA Problem

sorry, I meant "Nik" !!

 

Mike

Highlighted
Regular Contributor I

Re: Clearpass CoA Problem

After all that digging about I had changed the IP address of the rfc3576 servers several times in deployment and I had entered the wrong IP addresses under the rfc3576 servers. I got totally lost in details. Yes I am an idiot. I will post up a diag too as promised. I was hoping no one would press me for an answer. ;). As soon as I got someone else to look at it with a fresh pair of eyes they spotted it immediately. I laughed as there was little else I could do. ;) well I suppose I could have cried also?
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: