Hey all, I ran into an interesting issue with deploying a ClearPass VA-5k on Hyper-V. The Hyper-V version is 2012 R2, and the VA was deployed using the latest template downloaded from Aruba.
The issue was that the VM would run for a few hours and then suddenly lose all network connectivity. A reboot would restore it, again for about 5-6 hours, then it would disappear again.
The Hyper-V administrator noticed a few things:
- the template is built using a very old Hyper-V version (2008 I believe).
- the NICs are set to be "legacy" NICs
- the driver for the Legacy NICs is very out-of-date
Hyper-V Event Viewer gave us this warning:
"Networking driver in CLEARPASS loaded but has a different version from the server. Server version 5.0 Client version 3.2 (Virtual machine ID 81A9D98D-595A-4295-9160-EA0E4C18DD95). The device will work, but this is an unsupported configuration. This means that technical support will not be provided until this problem is resolved. To fix this problem, upgrade the integration services. To upgrade, connect to the virtual machine and select Insert Integration Services Setup Disk from the Action menu."
So, since there's no way to access the root shell in ClearPass, I won't be able to update the drivers.
What I did instead was remove the Legacy NICs, and replace them with the standard "Synthetic NIC". ClearPass had no problem recognizing the new NICs and network connectivity was restored.
At this point I'll continute monitoring the appliances to see if this is a permanent fix, but thought I would put this out there for anyone else running ClearPass on Hyper-V. Maybe Aruba / HPE should consider updating the template and drivers in their VA?