Security


Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).

Troubleshooting dot1x wireless connection problems

  • 1.  Troubleshooting dot1x wireless connection problems

    Posted Aug 06, 2014 04:53 PM

    Hi:

    Can someone give me a method to troubleshoot dot1x connection problems?

    I'm having problems with just one user. He can't log in to any device. Other users can log in to his devices, so it's not a device issue.

    He can log in to his wired computer, so it's not a credentials issue (Active Directory).

     

    Going through the logs of the connection on ClearPass, I see this:

    2014-08-06 16:22:55,256[Th 10 Req 70098 SessId R0000341a-01-53e28e9b] ERROR RadiusServer.Radius - rlm_mschap: FAILED: No NT/LM-Password. Cannot perform authentication.
    2014-08-06 16:22:55,257[Th 10 Req 70098 SessId R0000341a-01-53e28e9b] ERROR RadiusServer.Radius - rlm_mschap: FAILED: MS-CHAP2-Response is incorrect

     

    But his password is correct. I even had him change his password, just to force a reset on all domain controllers, but still no luck.

    I'm not seeing this issue with any other users.

    Any ideas on how to proceed?

     

    Thanks,

    Tony
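
As an added example (not part of the original posts, and not Aruba's code): a small Python triage script that parses the log-line layout quoted in the post above and groups `rlm_mschap` errors by session ID, so one user's failures can be compared with other sessions. The function names, the `rlm_example` module and every sample line other than the two quoted in the post are constructed for illustration.

```python
import re
from collections import Counter, defaultdict

# Layout inferred from the two lines quoted in the post:
# <date> <time>,<ms>[Th <n> Req <n> SessId <id>] <LEVEL> <logger> - <message>
LINE_RE = re.compile(
    r"^(?P<ts>\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2},\d{3})"
    r"\[Th (?P<thread>\d+) Req (?P<req>\d+) SessId (?P<sess>[^\]]+)\]\s+"
    r"(?P<level>[A-Z]+)\s+(?P<logger>\S+) - (?P<msg>.*)$"
)
MODULE_RE = re.compile(r"^(?P<module>rlm_\w+): (?P<detail>.*)$")

def parse_line(line):
    """Return a dict of fields, or None if the line does not fit the layout."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    rec = m.groupdict()
    mod = MODULE_RE.match(rec["msg"])
    rec["module"] = mod.group("module") if mod else None
    rec["detail"] = mod.group("detail") if mod else rec["msg"]
    return rec

def failures_by_session(lines, module="rlm_mschap"):
    """Map session id -> ordered (timestamp, detail) pairs for ERROR lines of one module."""
    out = defaultdict(list)
    for line in lines:
        rec = parse_line(line)
        if rec and rec["level"] == "ERROR" and rec["module"] == module:
            out[rec["sess"]].append((rec["ts"], rec["detail"]))
    return dict(out)

def reason_counts(by_session):
    """Count how often each failure detail occurs across all sessions."""
    return Counter(d for events in by_session.values() for _, d in events)

SAMPLE = [
    # The first two lines are the ones quoted in the post.
    "2014-08-06 16:22:55,256[Th 10 Req 70098 SessId R0000341a-01-53e28e9b] ERROR RadiusServer.Radius - rlm_mschap: FAILED: No NT/LM-Password. Cannot perform authentication.",
    "2014-08-06 16:22:55,257[Th 10 Req 70098 SessId R0000341a-01-53e28e9b] ERROR RadiusServer.Radius - rlm_mschap: FAILED: MS-CHAP2-Response is incorrect",
    # Constructed lines: another session, another module, and a line that does not parse.
    "2014-08-06 16:23:01,010[Th 11 Req 70099 SessId R0000341b-01-53e28ea1] INFO RadiusServer.Radius - constructed informational message",
    "2014-08-06 16:23:02,500[Th 12 Req 70100 SessId R0000341c-01-53e28ea2] ERROR RadiusServer.Radius - rlm_example: constructed error from another module",
    "this line does not follow the layout",
]

if __name__ == "__main__":
    sessions = failures_by_session(SAMPLE)
    for sess, events in sessions.items():
        print(sess, len(events), "rlm_mschap errors")
    for reason, n in reason_counts(sessions).most_common():
        print(n, reason)
```
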

     



  • 2.  RE: Troubleshooting dot1x wireless connection problems

    Posted Aug 06, 2014 07:39 PM

    What are the details for the rejection in access tracker?

     

    Could potentially be a 'bad' character in his password.



  • 3.  RE: Troubleshooting dot1x wireless connection problems

    EMPLOYEE
    Posted Aug 06, 2014 07:40 PM

    What does your primary tab in your auth source for AD screen look like?



  • 4.  RE: Troubleshooting dot1x wireless connection problems

    Posted Aug 07, 2014 11:29 AM

    I finally rebooted the ClearPass server (VM) and the problem for that user went away.

     

    Before the reboot, there was a message in the ClearPass Event viewer about being low on memory.

    Usage was about 3GB before the reboot, and dropped to about 1GB after.

    Are there any known memory leak issues with 6.3.4.64924?

     

    Thanks,

    Tony



  • 5.  RE: Troubleshooting dot1x wireless connection problems

    Posted Aug 08, 2014 12:27 AM

    Could this have been a policy cache issue?

    If the user was inadvertently blocked, ClearPass would cache the decision for a certain amount of time (you can clear this on the entry in access tracker).



  • 6.  RE: Troubleshooting dot1x wireless connection problems

    Posted Aug 08, 2014 08:36 AM

    I knew that a controller could blacklist a user, but I wasn't aware that ClearPass could do so.

    Under what circumstances does ClearPass block a user?

    And how can I find out who's blocked, and clear it?

     

    Thanks,

    Tony

     



  • 7.  RE: Troubleshooting dot1x wireless connection problems

    Posted Aug 10, 2014 02:37 AM

    I don't necessarily mean blacklisted - any action including access-rejects is policy cached for the period of time defined in your cluster-wide settings.