Security

I am attampting to use the Policy Simulation to build a Serivce Categorization.  Attached is my simulation, but it doesn't seem to match a valid service I have running. I am attaching the screenshot and policy simulation file.

Are there any docs or examples of how to build a simulation and test it against a service?

Can you confirm that some of those attributes are present as service rules in an active service?

Tim,

I am learning ClearPass, so be gentle as I am likely missing something obvious.  Total NOOB here. I took a working Wired 802.1x service and looked in Access Tracker to see a valid request that came in and tried to replicate those Radius reqeust attributes in the policy simulation.  Is that a valid way to go about building a simulation?  Attached is the Wired service I built the policy from.

Attachment(s)

WiredService.xml.txt   19 KB 1 version

Hm. The service rules look correct.

Are you working with an Aruba partner? It looks like this is a proof of concept build.

I am working with Aruba directly as we are testing the product and trying to get familiar with its capabilities.  The Policy Simulation was intriguing if I can get it working.

Can you try creating a simulation with just the basics:

NAS Type: Generic

Authentication outer method PEAP

Username

Password

IETF NAS-Port-Type 15

Thanks for your help Tim.  Not sure I am doing this right.  I have attached the simulation I built for your review. 

Couple of Questions if I may:

1.  Does the order of attributes in the RADIUS request matter?

2.  Where is NAS Type Generic?  I didn't see where to select that attribute?

Attachment(s)

SimulationV3.xml.txt   1 KB 1 version

You must add a connection Type in the test.

Mark,

I updated my lab on your test. You can see the results there. I aslo trigger my services based on NAS IP so you also need to add the IP of the switch. 

Thanks Troy.  That was the missing piece.

Here is the attached simulation file.

Attachment(s)

Simulation.xml.txt   1 KB 1 version