03-10-2023 07:17 AM
Hello,
I have a problem with an Aruba Switch im using ise to do DACL on the aruba switch and its working but when a want to change the ACL i need to do a COA reauthenticate on the end user for him to change the ACL but for some reason i just wont work.
this is the configuration i did for the reauthentication on a special profile for the aruba switches, the NAS-FILTER-RULE is the VSA92 the one im using to send the ACL to the user.
this is the error im getting and idea on what can i do to overcome this?
Solved! Go to Solution.
04-26-2023 10:46 AM
the problem was
radius-server host 192.100.1.95 clearpass
i remove the parameter and everything works
03-10-2023 01:46 PM - edited 03-10-2023 01:47 PM
dACL? I don' think Aruba Switches support dACLs. You can call a local User Role that then maps to a local ACL or pass a local ACL name as the filter-id attribute. Keep in mind the CoA port for Aruba devices is 3799.
Also is CoA enabled on the Aruba Switch? Is this an AOS-CX switch?
radius dyn-authorization client [name] secret-key plaintext aruba123
radius dyn-authorization enable
03-10-2023 08:53 PM
Hello,
yes they do support them using VSA 92 and is working but what i want to do is change the Assing DACL that the user is using but every time i get that error, heres the configuration on theARUBA switch.
radius-server host 192.100.1.95 key "Hola.123"
radius-server host 192.100.1.95 dyn-authorization
radius-server host 192.100.1.95 clearpass
radius-server access-request include framed-ip-address
!
is this the same as the config you share???
radius dyn-authorization client [name] secret-key plaintext aruba123
radius dyn-authorization enable
!
!
thanks for the help by ther way
03-13-2023 10:08 AM
03-16-2023 09:03 AM
this is an AOS-S does this are the same command?
03-11-2023 10:59 PM
@vivarock12 The failure said no response from the NAD. Most likely the CoA port mismatched between ISE and the NAD.
03-12-2023 08:53 PM
this commands said that the COA request is geeting to the Switch but the switch does no response
Is there a special config to be done on the Client pc im using windows 802.1x client?
04-26-2023 10:46 AM
the problem was
radius-server host 192.100.1.95 clearpass
i remove the parameter and everything works
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide