Security

last person joined: yesterday 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

Clearpass: Unknown NadClient, Mobility Master seems to be an authenticator

This thread has been viewed 8 times

  • 1.  Clearpass: Unknown NadClient, Mobility Master seems to be an authenticator

    Posted Oct 09, 2019 03:43 AM

    Hi,

     

    Im just testing the Clearpass and I get a strange issue.

    When a device trying to authenticate the Clearpass log shows ther error

    "Unknown NadClient <ip-address>" where ip-address is the address from our Mobility Master and this is the strange part.

    The authenticator should be our md (7220 controller) and not the mobility master.

     

    What could cause the error? Some configuration error?

     



  • 2.  RE: Clearpass: Unknown NadClient, Mobility Master seems to be an authenticator

    Posted Oct 09, 2019 05:11 AM

    I think I solved the error.

    I made a packet capture showing me that the nas-ip-address is the address from the mobility master.

     

    I configruerd: configuration-->authentication-->advanced on device level an entered the ip from the respective md.

     

    Now the nas-ip-address is the address from the md



  • 3.  RE: Clearpass: Unknown NadClient, Mobility Master seems to be an authenticator
    Best Answer

    Posted Oct 09, 2019 01:55 PM
    If it is part of a cluster define the Cluster VRRP-VIP for each MD as the “ip radius nas-ip”

    If is not part of a cluster than use the MD management IP

    Make sure you add all those IPs (mgmt IP and Cluster VRRP-VIPs as RADIUS clients)

    Sent from Mail for Windows 10