Security

last person joined: 22 hours ago 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

Clearpass Guest on Cisco Wired port Not working after redirect.

This thread has been viewed 0 times

  • 1.  Clearpass Guest on Cisco Wired port Not working after redirect.

    Posted Aug 30, 2018 09:06 AM
      |   view attached

    Hi,  

    We are using Clearpass for GUest access on our Customers wired ports and we have been using Solution within the ASE and also the Clearpass_Solution-Guide_Wired-Policy-Enforcement.  We are using sponsporship for guest and the problem we are having is that once the user click login after sponsor authorisation the user cannot connect to anything.   This seems to be because although the correct enforcement profiles are sent they don't seem to be picked up by the switch to change them (I have tried to both bounce the port and reauthenticate session). If the user physically unplugs after this then the correct policy is picked up and DaCL applied,  It just seeems to be after the initial webauth.  I have attached a log.  Any ideas?



  • 2.  RE: Clearpass Guest on Cisco Wired port Not working after redirect.
    Best Answer

    EMPLOYEE
    Posted Aug 30, 2018 10:43 AM

    Hi,

     

    Looks like the Radius disconnect/CoA did not succeed. You need to check the the MAC(Layer 2 ) authentcation request of the client in Access Tracker before the WebAuth and see if the radius disconnect/CoA suceeded. 

    You can try disconnecting the client by using the "Change Status" option in the Access Tracker and see if that works.



  • 3.  RE: Clearpass Guest on Cisco Wired port Not working after redirect.

    Posted Sep 07, 2018 05:25 AM

    Thanks,   

     

    This was the Issue. 

    Within the Network Device setting the Vendor Name was set as Aruba and not Cisco.