Hello,
we are running Clearpass version 6.9.0.130064 and Aruba switch 2930F software revision WC.16.10.0007.
We recently started testing Downloadable user roles. Everything has been working fine until we started using netdestinations.
Now, if we modify the DUR enforcement profile, the following error occurs:
ST1-CMDR: 8021X Deauthenticating client 8C04BA11ABC4 on port 2/38, downloaded user role TATRA__DRE_IT_CP_... is not valid as CLI execution Error.
ST1-CMDR: Faulty line: netdestination OWA_TATRA__DRE_IT_CP_-3035-98_7Z4q .
We have found that if the old version of DUR is removed from the switch manually by using following command, the authentication is succesfull without previous error.
downloadable-role-delete TATRA__DRE_IT_CP_-3035-97
This is the correct behaviour:
Is this bug in switch firmware or is it intended behaviour? Deleting old Downloadable user role to get the new version work is annoying.