Security

last person joined: 15 hours ago 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

Radius CoA Bounce Host-Port Failed

This thread has been viewed 10 times

  • 1.  Radius CoA Bounce Host-Port Failed

    Posted May 06, 2017 12:20 AM

    Hi all,

     

    I'm having an issue with Radius CoA, which doesn't work as I expected. What I'm trying to do is to use CPPM to authenticate a device based on its MAC address, then profile it and after that have CPPM send bounce host-port message to the switch to assign proper VLAN for that device. The authentication and profiling process have worked well so far. However, I got stuck at CoA step:

     

    6.PNG

     

    2.PNG

     

    I'm using an Aruba 5400 switch for testing. I tried changing the CoA profile to Aruba Bounce Host-Port (instead of HPE Bounce Host-Port), but it didn't work either:

     

    4.PNG

     

    I checked the switch and look like it did receive CoA messages from CPPM:

     

    3.PNG

     

    Below is my configuration on CPPM and Aruba switch:

    1.PNG

     

    5.PNG

     

    Please tell me what I did wrong. I really appreciate your help.

     

    Thank you,



  • 2.  RE: Radius CoA Bounce Host-Port Failed

    EMPLOYEE
    Posted May 18, 2017 02:14 PM
    Make sure both the switch and ClearPass are using NTP and that the time is correct.


  • 3.  RE: Radius CoA Bounce Host-Port Failed

    Posted Feb 25, 2019 06:55 AM


  • 4.  RE: Radius CoA Bounce Host-Port Failed

    EMPLOYEE
    Posted Feb 25, 2019 06:58 AM
    The Switching profile is built in. You likely have your switch defined as Aruba instead of Hewlett Packard Enterprise.

    Don't modify the built in profiles. They work as is.