Yea, to tag on with cjoseph here. You may have a mismatch on your RADIUS key between the switch and clearpass. Double check this under your network devices in clearpass.
------------------------------
Dustin Burns
Lead Mobility Engineer @Worldcom Exchange, Inc.
ACCX 1271| ACMX 509| ACSP | ACDA | MVP Guru 2022
If my post was useful accept solution and/or give kudos
------------------------------
Original Message:
Sent: Jul 27, 2022 09:58 AM
From: Kenny Mitchell
Subject: RADIUS requests not reaching server through second access switch
Hi there. I'm deploying Clearpass across our large Aruba campus network and I've found a snag in a particular setting. In a couple of locations I have a small 8-port 2530 switch hanging off the normal 2930M access switches feeding temporary offices. Access switches in each area go back to a layer 3 capable 8320x acting as the distribution layer, by the way. There is a trunk between the 8-port and the main access switch with all the VLAN's and everything runs fine until I try to run Clearpass on the 8-port.
When I put my normal Clearpass configuration on the 24-port 2930M it works just fine. When I add the configuration to the 8-port however then I have an issue. The 8-port switches refuse to work as they cannot reach the RADIUS server. I get an error saying either the RADIUS server cannot be reached (error 00421) or cannot authenticate (00428 802.1x Auth Failures).
There's no issues with reaching the RADIUS server with pings from the switches but for some reason the RADIUS traffic doesn't seem to be making it. I assume it's not making it across the 24-port access switch to reach anywhere beyond. I'm rather new at this and nothing I've tried has made any difference. I'm guessing it's something simple that I'm not taking into account but it's got me stumped. Does anyone have any idea why the RADIUS traffic isn't getting to the server in this scenario?