Push config backup from ClearPass automatically

MVP
MVP
Requirement:

I wish to push the ClearPass configuration backup to my external server automatically. 



Solution:

From ClearPass 6.5.0 onwards, a new feature is added to enable an auto push of ClearPass configuration backup to external servers via SFTP and SCP.



Configuration:

In order to configure the option navigate to Administration > External Servers > File Backup Servers

 

 



Verification

Post configuring the option, we could find the configuration backup file sent to external server successfully.

Version history
Revision #:
2 of 2
Last update:
‎08-03-2015 06:17 AM
Updated by:
 
Labels (1)
Contributors
Comments

How often CPPM sends backups?

Do I use the Windows or Linux slash to specify the folder? How do you test the settings, or will I just have to check in the morning?

Hi Fahad/MSabin,

 

ClearPass server collects the auto-backup aroud 1:10am everyday and copy the file to external host. So check for the backup export after 1:10am.

 

You can specify the file path as shown in the below examples.

Image 1.png

 

Image 2.png

 

A new directory/folder(folder name = ClearPass serverIP) will be automatically created in the specified location to copy the backup file.

Image 3.pngThe ClearPass system Event Viewer will log the message of successful or failed backup export.

Image 4.png

 

 

 

 

MemphisBrothers

What about prior to 6.5?  I need to back up my config before I update to 6.5 which has failed twice.

Hi Joe,

 

We had another way(External Data Puller) to export the backup from ClearPass servers prior to 6.5. Refer the below links for more info on External Data Puller.

 

http://community.arubanetworks.com/t5/AAA-NAC-Guest-Access-BYOD/CPPM-External-Data-Puller-Tool-to-automatically-pull-CPPM/ta-p/176430

http://community.arubanetworks.com/t5/AAA-NAC-Guest-Access-BYOD/Automatically-transfer-CPPM-backups-to-external-Linux-Windows/ta-p/180628

 

Please let us know how you tried to backp the ClearPass Server and more info on failure to assist further.

klevesque

Saravanan,

 

Is there a way to test the backup manually or do you have to wait till 1:10 am?

 

Thanks,

Kent

Hi @all

i treid to configure it as mentioned. But it does not work. Eventviewer shows follwoing error message:

Reason: scp: /backups/10.10.255.13/auto-backup-tips-2017-04-08-01-10-01.tar.gz: No such file or directory

 

But /backups/ does exist:

scp.JPG

 

Configuration looks als follows:

 

server config.JPG

 

I think it is a problem with the path, but in which form Clearpass need the path?

Is there a way to start the backup manually?

 

Thanks in advance.

Laurent_Asselin
Hi, According to your screen capture, it seems /backups/ indeed does not exist. Change to the path to the full one : /home/LVRINTERN.LVR.DE/z13cppm/backups/ Regards,
nitinsalve86

Thanks for the update this really useful information. Just want to know which SFTP client is used winscp ?

Revanth

Hi,

    I have configured the File Backup Server according to the screen shots, but i am facing an issue and my ftp server is configured with port 21.I am posting the screen shots.Any help would be appreciated.FTP_Server.PNGError.PNG

FTP and SFTP are different - is you server an S-FTP server?  The S stands for secure, but usually means SSH is used as a wrapper for FTP services.  Generally that's port 22.

Solarwinds is expecting an SFTP sever, and not an FTP server.

Josue.Ruiz

I used Insight>Administration>Settings>File Transfer Settings to test the remote directory path. I kept receiving a backup failure with "Reason: [Errno 13] Permission denied". This was due to the missing forward slash(/) at the beginning of the path. Depending on the permissions set on the SFTP/SCP server to create or modify new directories, I had to create the folders with WinSCP first then point the path in the Remote Directory field. In my case, Clearpass would fail to create a new folder if the path was not already made. After creating the desired folders manually and forward slash, Insight and Policy Manager now transfer files as expected.  

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: