Security

last person joined: 22 hours ago 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

Radius CoA Bounce Host-Port Failed

This thread has been viewed 14 times

  • 1.  Radius CoA Bounce Host-Port Failed

    Posted May 07, 2017 01:36 AM

    Hi all,

     

    I'm having an issue with Radius CoA, which doesn't work as I expected. What I'm trying to do is to use CPPM to authenticate a device based on its MAC address, then profile it and after that have CPPM send bounce host-port message to the switch to assign proper VLAN for that device. The authentication and profiling process have worked well so far. However, I got stuck at CoA step:

    Summary.png

     

    hpe_failed.png

     

    I'm using an Aruba 5400 switch for testing. I tried changing the CoA profile to Aruba Bounce Host-Port (instead of HPE Bounce Host-Port), but it didn't work either:

    aruba_failed.png

     

    I checked the switch and look like it did receive CoA messages from CPPM:

    radius_dyn_author.png

     

    Below is my configuration on CPPM and Aruba switch:

    cppm.png

     

    switch.png

     

    Please tell me what I did wrong. I really appreciate your help.

     

    Thank you,



  • 2.  RE: Radius CoA Bounce Host-Port Failed

    Posted May 08, 2017 11:38 PM

    Hi,

     

    Can anyone share your ideas on this? Where should I check next to make it work?

     

    Thank you,



  • 3.  RE: Radius CoA Bounce Host-Port Failed

    EMPLOYEE
    Posted May 09, 2017 06:23 AM
    What message do you get when try it manually from Access Tracker?


  • 4.  RE: Radius CoA Bounce Host-Port Failed

    Posted May 09, 2017 11:49 PM

    Hi cappali,

     

    I got ACCEPT message from Radius server but the Radius CoA tab showed that bounce host-port had failed.

     

    aruba_failed.png



  • 5.  RE: Radius CoA Bounce Host-Port Failed

    EMPLOYEE
    Posted May 09, 2017 11:54 PM
    Are both the switch and ClearPass server using NTP?


  • 6.  RE: Radius CoA Bounce Host-Port Failed

    Posted May 21, 2019 09:52 AM

    Thanks Tim, that worked for me.

    kudos :)