08-30-2018 06:05 AM
We are using Clearpass for GUest access on our Customers wired ports and we have been using Solution within the ASE and also the Clearpass_Solution-Guide_Wired-Policy-Enforcement. We are using sponsporship for guest and the problem we are having is that once the user click login after sponsor authorisation the user cannot connect to anything. This seems to be because although the correct enforcement profiles are sent they don't seem to be picked up by the switch to change them (I have tried to both bounce the port and reauthenticate session). If the user physically unplugs after this then the correct policy is picked up and DaCL applied, It just seeems to be after the initial webauth. I have attached a log. Any ideas?
Solved! Go to Solution.
08-30-2018 07:42 AM
Looks like the Radius disconnect/CoA did not succeed. You need to check the the MAC(Layer 2 ) authentcation request of the client in Access Tracker before the WebAuth and see if the radius disconnect/CoA suceeded.
You can try disconnecting the client by using the "Change Status" option in the Access Tracker and see if that works.
**Did something you read in the Community solve a problem for you? If so, click "Accept as Solution" in the post.
NOTE: Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba or Hewlett Packard Enterprise.