@Rensk wrote:
Hello,
I'm trying to configure radius authentication for management access on ArubaOS-CX switches with Clearpass.
I've setup the switch as follows:
radius-server host 10.13.111.19 vrf default
aaa group server radius clearpass
server 10.13.111.19 vrf default
radius-server key plaintext mypasskey123
radius-server auth-type chap
aaa authentication allow-fail-through
aaa authentication login default group clearpass local
aaa authentication allow-fail-through
aaa accounting all default start-stop group clearpass
This works but for every login attempt I get one Accept and two Reject messages.
The reject attempts appear even before I supply my password.
Does anyone know why this is happening and how to solve this?
I'm currently using ArubaOS-CX Version TL.10.02.0001
With kind regards,
Rens
I get the same issue... (because a customer prefer to use RADIUS and not TACACS...), and i have open multi case to TAC (for ArubaCX and ClearPass...)
and coming from ArubaCX try to discover the cipher available on RADIUS server (a feature of OpenSSH...)
for avoid "latency" on ClearPass, you can modified a setting (i don't remenber the name...)