Security

We are doing 802.1x and mac authentication on wired network and it working fine also but in accounting tab am not getting framed-ip-address. Can anyone help me please.

In AAA typically the NAS (authenticator) is typically not aware of the Framed-ip-address to pass it on to the radius server when using 802.1x or mac auth.  Only in Captive Portal authentication is the NAS guaranteed to know the Framed-ip-address.

So CPPM gets the framed-IP-address from the radius-accountign data, please ensure you have enabled radius-accounting/interim-accounting on your NAS. Some NAS's only get the IP address after the authN is done so its important to have interim enabled.... this is very NAS dependent.

Hi 

I got framed-ip-address attribute when I verify on access tracker but I can't sent these attribute to 3rd party device. There's an error on Clearpass

03-06-2019 17:10:10 Local1.Error 10.1.3.99 2019-03-06 17:07:36,204 [RequestHandler-1-0x7f16a93e9700 h=726 c=R00000007-01-5c7f9be8] ERROR Core.PETaskRadiusEnfProfileBuilder - postAcctBcastAttr: Failed to find finalValue for %{Radius:IETF:Framed-IP-Address}

Do you have any ideas?

Bump - any responses to sending the framed-ip-address?

Is there a way to store the framed-ip-address as an Endpoint Attribute - definitely a post_auth action (like Last Known IP), but looking to utilize this information for migrating (DHCP) devices from one vlan to another vlan.