Security

Between 9am and 10am GMT+1 I just got a storm of calls from many of my Clearpass customers. "things" stopped working. Policy Service stopped and can't be restarted.

 

Looking at the Even Viewer I see that there was a Update pushed seconds before the policy service stopped.

 

I confirmed the same incident at several customers (5+). In my lab I don't have an active sub - and thus I don't have the problem there.. Also confirmed with other partners working with Clearpass.

 

So.. This is scary as *****. On the phone with TAC now..

Hi John,

Here in The Netherlands we are having the same problem. 1500 clients down in a educational environment! :-/

 

Can somebody help us to pick up the phone? The supportdesk is overloaded!

 

I hope that HPE can fix this quickly!!

Think they've just fixed it.. latest release has it working now.

Yes, Patch 1.48751 fixed it for both 6.6.7 and 6.6.8. Need to "Check Status now" and start the Policy Server service.. *phew* Still - we have many customers which will need some answers and assurances that this will not happen again..

Agreed.. They shouldn't be pushing out updates without testing them. Not good considering how much the whole network relies on Clearpass. Lots of unhappy people around.

can you pls tell me where's  "check status now" button?

Go to Administration - Agents and software udpates -Software update - check status now.

 

 To check the policy service

 

Go to Administration - Server configuration - Click on the server - Service Control - And check that the policy server is running. Otherwise, click on start.

Only have CLI access, not GUI, so unsure how force a check/refresh against online and do the AV update

Hi there,

 

Can somebody tell me how to do this on the cli?

 

 

Regards

Hi,

I think you cannot do the "check status now" from CLI, but you can
upload it downloading it from support.arubanetworks.com

found this:

http://community.arubanetworks.com/t5/tkb/articleprintpage/tkb-id/AAANACGuestAccessBYOD/article-id/342


Have a look onto it, or call directly TAC if nobody else replies in
Airheads.



Once it is completed:
[appadmin@cppm01]# service status cpass-policy-server
Policy server [ cpass-policy-server ] is running

[appadmin@cppm01]# service  restart cpass-policy-server

Stopping cpass-policy-server:                              [  OK ]
Starting cpass-policy-server:                              [  OK ]

Hi,

 

This particluar AV/AS update can not be performed from CLI. The server will cehck for this online uopdate every one hour. So, you servers may already be updated to fixed version.

 

Try restarting the policy server from cli and check the status
#service restart cpass-policy-server

Please contact TAC if the serivice restart fail.

This is ridiculous Aruba...  I'm glad I'm visiting your HQ in a few days.  Expect a sh!tstorm coming your way. 

I too am unhappy that I have had to drive in to work to reboot a server (or so) and force an update to get folks back online, yet feel it needs saying:

Aruba has been updating the AV/AntiSpyware bits for years, and this is the first time they've had an issue I noticed.

 

That's around .9995 uptime - if only my other vendors were that good!

[I'm counting one day in slightly over 5 years, when I should be counting about 4 hours, so I've cast them in a terrible light ;) ]

Hi Everone,

ClearPass team releases Posture and Profile Data Updates online and the server checks for these updates on an hourly basis.

 

The Posture and Profile Data update version 1.48743 which was released today had caused the Policy Service to crash causing authentication issues.

  

ClearPass team has released an update 1.48751 which has resolved the issue.

 

Please ensure that the update 1.48751 is installed and the Policy Service is running on all the servers in the cluster, by following the below stated steps.

 

·         To install AV/AS Update version 1.48751, Please navigate to ClearPass Policy Manager GUI àAdministration à Agents and Software Updates à Software Updates page à Click on 'Check Status Now".

 

·         Please navigate to ClearPass Policy Manager GUI à Administration à Server Manager à Server Configuration à Click on the name of the server à Services Control à Check for the status of the Policy server.

 

·         If the status is Stopped, please click on the Start button next to it, to start the service.

 

Update to 1.48751 solves the issue. Had the same problem with my customer. Just updated, restarted service and it works again. But agree, that shouldn't happen.

Received an emergency call during night and woke up to our 6 Clearpass servers not authenticating anything because RADIUS requests weren't categorized. I'm really surprised that the antivirus updates can cause a crash on the policy manager.

With today's IOT and IIOT (Industrial), we manage it using Clearpass. This resulted in downtime on assembly lines worldwide + employees and customers.

I hope an official communication will be sent soon...

Same here, we are on the HealthCare industry and had all 4 CPPM servers down with more than 15,000+ clients failing to authenticate throughout the enterprise.

 

Im wondering if we could have an option to choose when to install those updates, similar to the Firmware and Patch Updates.

 

Imagine how stressfull this was for us when dealing with patient lives.

 

Thanks,

 

Andres P.