I have a new implementation with User Authentication with MAC caching in a cluster that is working 90% of the time.... New guest user is captive portaled correctly, they fill out basic form and accept terms, then receipt page auto submits and the user is allowed on (MAC is then cached for future access).
Intermittently, when the user fills out the registration form and submits it, the controller authentication back to clearpass guest fails with: Error Code 201 - Authentication Failure
Alerts for this Request:
RADIUS [Guest User Repository] - localhost: User not found.
Cannot select appropriate authentication method
Without changing anything, the user can then typically submit the form again and this time they are logged in and everything is working. Sometimes they can submit multiple times and get the same error each time. Access Tracker shows it as a Reject, but the "incoming" RADIUS data is identical to a working scenario....
It works most of the time across the cluster so I've not found anything configuration related..... Note: it is possible the registration may occur on node 2 while the radius request is sent to node 3. I thought maybe it could be a local database replication delay issue or something but don't know where to begin there.... and sometimes I see it fail when the user account is clearly visible on the node in question....
Has anyone seen this before? Any thoughts?