Hi all,
So I'm trying to get a wired web-login working from a Cisco switch to ClearPass, however, I keep running into the problem where the NAS IP is CPPM (127.0.0.1) and not the switch. Is there a way to modify the redirect-URL to include a NAS-IP field, I already have switch IP and MAC address included in the URL.
I have the web login page set to Server Initiated, if we set it to Controller-initiated the login never succeeds, probably due to same issue. Essentially we see (2) requests for the same authentication:
1. RADIUS
2. WebAuth
both have the 127.0.0.1 IP address, if we can get the IP to be the switch or send a COA to the switch some how via enforcement profile, the device would then successfully mac auth and no more ACL redirect on port.
In the Computed Attributes of the request, I have the following:
Application: WebLoginURL:switchip 10.23.128.31
So I know the information is there, just how do i reference it to send a terminate session or ACL update?
Any ideas?