Regular Contributor I

MAC caching sanity check



I have set up mac caching.


When I do a web auth, cppm sends a coa disconnect, then I switch to mac auth.


In clearpass guest under active sessions I only see the mac for the username - is this normal?



Guru Elite

Re: MAC caching sanity check

You should add an an enforcement profile to your MAC cache policy that sends back the username defined to the controller.



MACAUTH uses the mac address as the username and password; this will send back the users registered username in the RADIUS response. You should then see them in the session list.



Tim Cappalli | Aruba Security
@timcappalli | | ACMX #367 / ACCX #480
Regular Contributor I

Re: MAC caching sanity check

can you give an example?

Regular Contributor I

Re: MAC caching sanity check

sorry - image just downloaded!

Regular Contributor I

Re: MAC caching sanity check

bang on Cappalli - absolutely nailed it thanks


Re: MAC caching sanity check




using this is great along with Aruba WLC, but I'm unable to get it to work with Cisco WLC. Using this trick I end up with username = unknown in the Cisco WLC, and Active Sessions is still mac-address..


Any tips to what Cisco button I have to push to get this working?

John Solberg

-ACMX #316 :: ACCX #902 :: ACSA
Aruba Partner Ambassador
Intelecom/NetNordic - Norway
Remember to Kudo if a post helped you! || Problem Solved? Click "Accept as Solution" in a post!
Search Airheads
Showing results for 
Search instead for 
Did you mean: