@alexsuoy wrote:
Hi,
I need to roll out a cluster of 5 clearpass servers. User authentication requests are passed to individual servers in the cluster via an F5 load balancer performing "sticky persistence" based upon calling-station-id.
Our network routers use helper-address statements to forward dhcp requests to the master clearpass server in order to build up an endpoint database of known mac addresses.
Unfortunately, there doesn't seem to be much info on how to cluster clearpass servers though.
Can someone point me to a defintive document on how to roll out a clustered clearpass (6.4) service?
I know there is a Clearpass/F5 doc that will be out soon and Danny will post a message to the board when it is availible.
If I define 1 server as an insight master, how do I tell the other boxes where that master is? Similarly if I've got a master publisher how do i tell a secondary that its the secondary publisher?
Insight Master will anouce to the cluster when it is enabled.
I've been told that by clustering machines all licenses go into a central pool that can be used by any machine. Is this correct?
All Feature lic (Guest, OnGuard, and OnBoard) will go into the pool when the servers are in a cluster.
Rgds
Alex
Clustering a Server is Very easy to setup.
1. Log into the Publisher and go to Administration » Server Manager » Server Configuration
2. In the top right corner change Cluster password
3. Log into the CPPM that will be the subscriber. Go to Administration » Server Manager » Server Configuration
4.In the Top right click Make subscriber.
5. Put in the IP address of the Pub and the cluster password you just set.
There are some firewall considerations that will need to be made for communications between the cluster so keep that in mind. There are quite a few post in the forum on what ports are needed.