Security

Reply
Contributor II

ClearPass Software Update through HTTP Proxy Server

Hello,

 

is it possible to add a HTTP/HTTPS proxy server to the configuration of a ClearPass Policy Manager 6.0.1 appliance?

 

We have to use a proxy server to access web sites from our corporate network. So this would be the easiest way for me to give CPPM the ability to connect to the web service in order to get its updates.

 

Thanks for your help!

 

cheers,

Harald

MVP

Re: ClearPass Software Update through HTTP Proxy Server

 

This might be what you're looking for:

 

  • Administration / Server Manager / Server Configuration
  • Select and open the server config
  • Select the tab "Service parameters" and select the "Clearpass system service"
  • This has a Http proxy setting

 

 

 

 


Regards
John Solberg

-ACMX #316 :: ACCP-
Intelecom - Norway
----------------------------
Remember to Kudo if a post helped you! || Problem Solved? Click "Accept as Solution" in a post!
Contributor II

Re: ClearPass Software Update through HTTP Proxy Server

John,

 

brilliant, that did it! Thanks for your help!

 

cheers,

Harald

Re: ClearPass Software Update through HTTP Proxy Server

Are you having any issues getting firmware updates through your proxy?  I'm getting the posture definitions just fine, but the firmware updates fail.

=======================================
If a reply adequately addresses your issue, please click on the "Accept as Solution" and "Give Kudos" button so this information can benefit other users.
Contributor II

Re: ClearPass Software Update through HTTP Proxy Server

I tried to get the firmware update as well and the file for 6.0.2 downloaded all right through the proxy server.

 

The upgrade itself failed but that was because the VMware instance wasn't prepared properly.

 

Does the download of the new firmware start at all?

Do you see anything in the log files of your proxy server?

Re: ClearPass Software Update through HTTP Proxy Server

CP says that the Webservice could not be contacted. I've had a support ticket open for 3 weeks with Aruba about this.

I opened an incident with my proxy support as well. The proxy logs indicate that CP is trying to connect to an FTP, but the URL being requested is clearly just HTTPS.
=======================================
If a reply adequately addresses your issue, please click on the "Accept as Solution" and "Give Kudos" button so this information can benefit other users.
Contributor I

Re: ClearPass Software Update through HTTP Proxy Server

having a similar issues..

 

is the firmware update using ftp or http?

 

Is there a way to use an FTP proxy entry?

 

Or can I download the latest firmware and upload to the server?

 

thanks

Guru Elite

Re: ClearPass Software Update through HTTP Proxy Server

Vinsona,

 

Kindly open a support case.  Your options will be specific to the version of code you have deployed, your network setup and a few other factors.

 



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Re: ClearPass Software Update through HTTP Proxy Server

Firmware updates are downloaded via HTTPS and must be downloaded via your CP server.

 

My solution was to create firewall rules to allow the update through.  I gave up on getting it to work through my proxy as I got tired of my web proxy support and TAC pointing fingers.

=======================================
If a reply adequately addresses your issue, please click on the "Accept as Solution" and "Give Kudos" button so this information can benefit other users.
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: