Remote directory path for sending auto backup to a remote Windows host

Aruba Employee

Requirement:

How to configure the ClearPass to send the configuration backup to a remote Windows host?



Solution:

It is possible to configure the ClearPass to send the autobackup that it generates every day(@ 1:10 AM everyday) to an external server. This way, we will have the ClearPass configuration data handy for any unexpected events. 



Configuration:

1. Navigate to Administration » External Servers » File Backup Servers.

2. Click Add and configure a file backup server as shown below:

In case of a Linux server acting as a remote host, the remote directory option would be straight forward. For example, if we mention /tmp then ClearPass would create a directory by the name 10.17.164.156 within /tmp and will upload the autobackup file to that directory.

Incase of a Windows server acting as a remote host, we need to install SFTP/SCP server software as SSH is not natively supported (prior to Windows 10 1703).



Verification

In this example, we have used an open source SFTP server software that created a SFTP_Root as the root directory.

 

Platform Logs:

INFO - Auto backup of Configuration database and Session information are enabled

INFO - Building auto-backup-tips-2017-07-18-02-44-04.tar.gz ...

INFO - Starting backup. This may take some time...

INFO - Backup databases for AppPlatform

INFO - Backup databases for PolicyManager

INFO - Backup databases for Insight

INFO - Backup complete

INFO - Created the backup file auto-backup-tips-2017-07-18-02-44-04.tar.gz

INFO - Transferring auto-backup-tips-2017-07-18-02-44-04.tar.gz ...

INFO     SFTP /var/avenda/tips/dump/config/auto-backup-tips-2017-07-18-02-44-04.tar.gz -> 10.17.164.42:\\/10.17.164.156/\auto-backup-tips-2017-07-18-02-44-04.tar.gz

DEBUG    starting thread (client mode): 0x2008e50L

INFO     Connected (version 1.99, client WeOnlyDo)

DEBUG    kex algos:[u'diffie-hellman-group1-sha1', u'diffie-hellman-group14-sha1'] server key:[u'ssh-rsa'] client encrypt:[u'aes128-cbc', u'aes128-ctr', u'3des-cbc', u'blowfish-cbc', u'aes192-cbc', u'aes192-ctr', u'aes256-cbc', u'aes256-ctr', u'rijndael128-cbc', u'rijndael192-cbc', u'rijndael256-cbc', u'rijndael-cbc@lysator.liu.se', u'cast128-cbc'] server encrypt:[u'aes128-cbc', u'aes128-ctr', u'3des-cbc', u'blowfish-cbc', u'aes192-cbc', u'aes192-ctr', u'aes256-cbc', u'aes256-ctr', u'rijndael128-cbc', u'rijndael192-cbc', u'rijndael256-cbc', u'rijndael-cbc@lysator.liu.se', u'cast128-cbc'] client mac:[u'hmac-sha1', u'hmac-sha1-96', u'hmac-md5', u'none'] server mac:[u'hmac-sha1', u'hmac-sha1-96', u'hmac-md5', u'none'] client compress:[u'zlib', u'none'] server compress:[u'zlib', u'none'] client lang:[u''] server lang:[u''] kex follows?False

DEBUG    Ciphers agreed: local=aes128-ctr, remote=aes128-ctr

DEBUG    using kex diffie-hellman-group14-sha1; server key type ssh-rsa; cipher: local aes128-ctr, remote aes128-ctr; mac: local hmac-sha1, remote hmac-sha1; compression: local none, remote none

DEBUG    Switch to new keys ...

DEBUG    Adding ssh-rsa host key for 10.17.164.42: 2d7d8a6a8e7e75385de15eb951bad429bdbfcffb

DEBUG    userauth is OK

INFO     Authentication (password) successful!

DEBUG    [chan 0] Max packet in: 32768 bytes

DEBUG    [chan 0] Max packet out: 98304 bytes

DEBUG    Secsh channel 0 opened.

DEBUG    [chan 0] Sesch channel 0 request ok

INFO     [chan 0] Opened sftp connection (server version 3)

DEBUG    [chan 0] stat('\\\\/10.17.164.156/')

DEBUG    [chan 0] mkdir('\\\\/10.17.164.156/', 511)

DEBUG    [chan 0] open('\\\\/10.17.164.156/\\auto-backup-tips-2017-07-18-02-44-04.tar.gz', 'wb')

DEBUG    [chan 0] open('\\\\/10.17.164.156/\\auto-backup-tips-2017-07-18-02-44-04.tar.gz', 'wb') -> 776f645366747046696c6548616e646c6530

DEBUG    [chan 0] close(776f645366747046696c6548616e646c6530)

DEBUG    [chan 0] stat('\\\\/10.17.164.156/\\auto-backup-tips-2017-07-18-02-44-04.tar.gz')

INFO     [chan 0] sftp session closed.

DEBUG    [chan 0] EOF sent (0)

DEBUG    EOF in transport thread

INFO     No default filebackup servers for this CPPM server

INFO - Transfer of backup file auto-backup-tips-2017-07-18-02-44-04.tar.gz successful

 

As shown below, ClearPass has created a folder named 10.17.164.156 and uploaded the autobackup that it created successfully.

 

Version history
Revision #:
3 of 3
Last update:
2 weeks ago
Updated by:
 
Labels (1)
Contributors
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: