I'm a little bit further than I was before. I setup an enforcement policy with the following conditions:
Tips > Role > EQUALS > [USER Authenticated]
Authentication > OuterMethod > EQUALS > MAC-AUTH
I'm no longer receiving a REJECT message in Access Tracker for the test phone, BUT the phone isn't working. The switchport (on a Cisco 4500) shows "notconnect" for the port and the following syslog message:
%AUTHMGR-5-FAIL: Authorization failed for client (0004.f2**.****) on Interface Gi3/17
I'm not sure if the syslog message is indicative of anything. However, the phone keeps authenticating itself, as I'm seeing an ACCEPT message logged for the phone in Access Tracker every 2 minutes.
Does anyone know if this is a ClearPass issue or switch issue?