Security

Reply
New Contributor

Clearpass CoA with ArubaOS switch

I want to change user role of a ArubaOS-Switch client with Clearpass CoA, however I can't get it work.

 

using CP RADIUS Dyn Authorization Template: ArubaOs Switching-Change User Role, but
manual trigger response via Monitoring-> Access Tracker-> Change Status -> RADIUS CoA is:
"Radius CoA_user-role failed for client 001f29b6769c. Missing-Attribute."

CoA.pngCoA-template.png

using RADIUS Dyn Authorization Template: ArubaOs Switching-Change VLAN doesn't work:
"Insufficient parameters received"

CoA_vlan.png

 

I am a bit confused here, are there necessary attributes that are not in clearpass template?


MAC-Auth is working, User-Role profile "role-any" is configured locally on Aruba-2540 YC.16.06.0010 and ClearPass is on version 6.8.

 

Any kind of help is appreciated.

 

MVP Guru

Re: Clearpass CoA with ArubaOS switch

Did you add the device in ClearPass using hewlett packard enterprise as the vendor?

Did you configure ClearPass to do dynamic authorization in the switch ?
http://h22208.www2.hpe.com/eginfolib/networking/docs/switches/WB/15-18/5998-8152_wb_2920_asg/content/ch06s04.html#s_Configuring_the_switch_to_access_a_RADIUS_server

Also make sure that the time on the switch and ClearPass is the same



Thank you

Victor Fabian

Pardon typos sent from Mobile
Thank you

Victor Fabian
Lead Mobility Architect @WEI
AMFX | ACMX | ACDX | ACCX | CWAP | CWDP | CWNA
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: