Security

last person joined: yesterday 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

IAP to Fortigate Accounting - issue

This thread has been viewed 0 times

  • 1.  IAP to Fortigate Accounting - issue

    Posted Mar 28, 2016 11:08 AM

    Fortigate debug.

     

    DB 0 update [ep='pt1479' pg='n/a' ip='10.225.252.39'] success
DB 0 remove IP entry [ep='pt1479' pg='n/a' ip='10.225.252.39'] timeout

    We have couple of IAP 215 running code: 6.4.2.6-4.1.1.11_52666 and are using external Radius for AAA. Inorder to provide internet access, i'm forwarding accounting packets to my Fortigate firewall and can see the radius username GUI and cli.

     

    I'm using freeradius-mysql and have set only "Class" attribute in freeradius user group. As you can see, for some reason IAP-215 isn't sending the class attribute information to fortigate.

     

    How o fix this issue ?.