Security


Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).

Juniper EX3400 TACACS Accounting Issue

  • 1.  Juniper EX3400 TACACS Accounting Issue

    Posted Nov 02, 2018 05:46 PM

    I am not sure if anyone is familiar with Juniper here, but I am having trouble enabling accounting on Clearpass 6.7.0 for Juniper EX3400 switches.


    I have TACACS Authentication working for the EX3400s, so I'm not sure that Clearpass is the issue, but I do not show any accounting.

    I have Authentication and Accounting working successfully for Cisco and Aruba products.

    I feel like I am missing something on the Juniper side, but there is a chance I am missing something on the Clearpass side. 

    My Juniper Config looks like this:

    ## [edit system tacplus-server]
    10.1.1.1 {
        port 49;
        secret "***"; ## SECRET-DATA
        timeout 30;
        source-address 10.0.0.1;
    }

    ## [edit system accounting]
    events [ login change-log interactive-commands ];
    destination {
        tacplus {
            server {
                10.1.1.1 {
                    secret "***"; ## SECRET-DATA
                    source-address 10.0.0.1;
                }
            }
        }
    }

    ## [edit system login]
    class RW-CLASS {
        idle-timeout 15;
        login-alarms;
        permissions all;
    }

    user JUNOS-RW {
        uid 2101;
        class RW-CLASS;
    }


    Where 10.0.0.1 is the switch ip, 10.1.1.1 is the Clearpass. 

    The gist of my Clearpass config looks like this. I know I get the correct role, so the enforcement profile is where I would assume the issue is?
    [Screenshots: Screen Shot 2018-11-02 at 2.35.03 PM.png, Screen Shot 2018-11-02 at 2.35.22 PM.png]


  • 2.  RE: Juniper EX3400 TACACS Accounting Issue

    Posted Nov 04, 2018 10:08 AM

    The configuration looks fine. Are you sourcing the accounting data from the same source IP as the authentication requests? Have you run a PCAP to see if the accounting data is sent from the switch?




  • 3.  RE: Juniper EX3400 TACACS Accounting Issue

    Posted Nov 05, 2018 01:36 PM

    It is sourced from the same IP as the authentication.

    I have not run a packet capture yet, but that was going to be my next step if my configuration was correct. So it sounds like that's where I am going next. Thanks for your validation.
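Following up on the PCAP suggestion above, here is an added example in Python (not from the thread, HPE or Juniper) that takes the TCP payloads of tcp/49 frames pulled from a capture, counts them by TACACS+ packet type, and decodes the accounting REQUESTs with the shared secret, so you can confirm both that the EX3400 actually emits accounting and that the START/STOP records carry the expected user and command. Extracting the payloads from the pcap is assumed to be done separately; the session id, secret and frames used for the check are constructed.

```python
# Added example, not from the thread: classify TACACS+ (RFC 8907) frames captured on
# tcp/49 and decode accounting REQUESTs; sample frames, session ids and secret are constructed.
import hashlib
import struct

ACCT_FLAGS = {0x02: "START", 0x04: "STOP", 0x08: "WATCHDOG"}


def unobfuscate(session_id, key, version, seq_no, body):
    """XOR body with the chained-MD5 pad of RFC 8907 section 4.3 (symmetric)."""
    seed = struct.pack("!I", session_id) + key.encode() + bytes([version, seq_no])
    pad, prev = b"", b""
    while len(pad) < len(body):
        prev = hashlib.md5(seed + prev).digest()
        pad += prev
    return bytes(b ^ p for b, p in zip(body, pad))


def build_acct_request(session_id, key, user, args, flag=0x02, seq_no=1):
    """Build an obfuscated accounting REQUEST frame (constructed test input)."""
    version = 0xC0  # major version 0xC, minor version 0
    body = struct.pack("!9B", flag, 0x06, 15, 0x01, 0x01, len(user), 0, 0, len(args))
    body += bytes(len(a) for a in args) + user.encode() + "".join(args).encode()
    header = struct.pack("!BBBBII", version, 3, seq_no, 0, session_id, len(body))
    return header + unobfuscate(session_id, key, version, seq_no, body)


def decode_acct_request(body):
    """Parse a cleartext accounting REQUEST body into (flag name, user, args)."""
    flag, _, _, _, _, ulen, plen, rlen, argc = struct.unpack("!9B", body[:9])
    user = body[9 + argc:9 + argc + ulen].decode()
    off, args = 9 + argc + ulen + plen + rlen, []
    for n in body[9:9 + argc]:
        args.append(body[off:off + n].decode())
        off += n
    return ACCT_FLAGS.get(flag, hex(flag)), user, args


def summarize(packets, key):
    """Count frames by type (1 AUTHEN, 2 AUTHOR, 3 ACCT); decode client->server (odd seq_no) ACCT requests."""
    counts, acct = {}, []
    for pkt in packets:
        version, ptype, seq_no, flags, sid, length = struct.unpack("!BBBBII", pkt[:12])
        counts[ptype] = counts.get(ptype, 0) + 1
        if ptype == 3 and seq_no % 2 == 1:
            body = pkt[12:12 + length]
            if not flags & 0x01:  # TAC_PLUS_UNENCRYPTED_FLAG clear: body is obfuscated
                body = unobfuscate(sid, key, version, seq_no, body)
            acct.append(decode_acct_request(body))
    return counts, acct
```

If the capture shows no type-3 frames at all, the problem is on the switch side (the accounting stanza is not taking effect); if they are present but Clearpass logs nothing, look at the server's TACACS accounting service and shared secret.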