Security

Greetings community,

i´m really new to clearpass and have an maybe dumb issue.

We run a mixes HPE / Arbuba and Cisco environment.

802.1x i got running on my aruba switches. but i get Error 209 when trying to make a mac-auth service handling printers for instance.

(Will change to mschap shortly after hopefully).

But back to my problem...

I created a service for standard mac-auth.

As authentication source i want to use the endpoint database (because we don't want to use 2 database models - so the tips db and not the guest db would be the source of authenticated devices).

When trying this "non witchcraft" config i get error 209 "missing password".

I use aruba 2930F and Clearpass 6.7.8

Maybe i make some really dumb mistake.

We want to use clearpass primary for NAC and VLAN distribution / change. No guests / byod or anything.

So the Endpoint repository (Local SQL DB) would be my desired Database. Or do i have a huge design mistake in this?

Read so much last days i have no more clue whats not working here anymore.

Maybe i should add, that the regarding device is in endpoint db, enabled, known etc...

The document i read (feels like back and forth) :D - and tried to make the example almost like the mac-auth example.

But with endpoint db...

Sorry... i am a bit tired trying to get this stuff running... *having a good yawn*

I´m sorry... trying to fix in error in clearpass config is troublesome if the error is in switch config.

Had to change MAC-AUTH for Port Access to CHAP for radius group "myGroup" ... worked instant what i built in clearpass...

Sorry for bothering.

Greetings

Hec