Security

Reply
Highlighted
Aruba Employee

ClearPass Policy Server is down after the recent AV/AS update.

Aruba releases ClearPass posture and profile data updates online and ClearPass servers check for these updates on an hourly basis.

 

Version 1.48743, which was released today, had caused the policy service to crash causing authentication issues.

  

Aruba has released an updated version, 1.48751, which has resolved the issue.

 

Please ensure that the update is installed and the policy service is running on all the nodes in the cluster by following steps below:

 

  • To install AV/AS Update version 1.48751, navigate to ClearPass Policy Manager GUI: Administration >> Agents and Software Updates >> Software Updates page and click on "Check Status Now".
  • Navigate to  Administration >> Server Manager >> Server Configuration >> {{server name}} >> Services Control. Ensure that the "Policy Server" service is running. If it is stopped, click the Start button.

 

NOTE: Admin authentication to ClearPass UI with non-local admin account will fail, if the policy server is down. Use a local admin account (Administration >> Users and Privileges >> Admin Users) to access the WEB UI or or start the policy server from CLI to gain access.

 

To restart policy server from CLI, please SSH to the ClearPass server using appadmin account and execute the below command.

service restart cpass-policy-server

 

 

Note: All ClearPass servers that are online would have already been updated to the lastest AV/AS version - 1.48751, without user intervention. You may just need to start the policy server to fix the issue.

Thank you,
Saravanan Rajagopal


**Did something you read in the Community solve a problem for you? If so, click "Accept as Solution" in the bottom right hand corner of the post.
Occasional Contributor II

Re: ClearPass Policy Server is down after the recent AV/AS update.

Hi Saravanan,

 

I have a query:

 

I have done 802.1x authentication using EAP-PEAP-MSCHAv2 using Aruba ClearPass as the Authentication server and Aruba Mobility Controller.

I integrated my AD with the ClearPass and downloaded the certificate from AD CS to the controller. I gave default enforcement profile and enforcement Policy.

 

Authentication is working fine and i could see in  the access tracker that the domain PC is authenticated.

But the problem is i dont have PEFNG Licensce in my controller and as a result i cannot create a user role in my Aruba Controller. So after authentication i can see that  the users are falling to GUEST Role and these users are not able to access internal servers or share folders or internet.

They can ping the internal Resources but not able to access it.

 

What might be causing issue?

 

Is there any way to create a user role and access lists for this user in the Aruba ClearPass and enforce it on the 802.1X SSID?? so that i can get away without purchasing the PEFNG License.

 

Any suggestions or advices would be really helpul as my manager is my eating my head over this.

 

Thank you.

Guru Elite

Re: ClearPass Policy Server is down after the recent AV/AS update.

Please start a new thread. This has nothing to do with the original topic.

Tim Cappalli | Aruba Security TME
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
Occasional Contributor II

Re: ClearPass Policy Server is down after the recent AV/AS update.

Hi Tim,

 

Sorry.

 

I've been trying to start a new thread for past 1 hour but i can't see the options to start a new thread anywhere.

 

Can you just help me out with this?

 

Thank you.

Occasional Contributor II

Re: ClearPass Policy Server is down after the recent AV/AS update.

Hi Tim,

 

Finally i opened a new thread.

 

Can you help me out with this one as my Manager is eating my head.

 

Below is the link to my thread:

http://community.arubanetworks.com/t5/Community-Feedback/The-Users-are-falling-under-GUEST-ROLE-after-802-1X/td-p/310847

 

Thank You.

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: