Security

Reply
MVP
Posts: 112
Registered: ‎01-05-2016

What redundancy model does ClearPass support if have multiple CPPM? What are the difference ?

Hi , we are going to buy 2 ClearPass , what redundancy mode do ClearPass support? HA , Cluster... What are the difference? Please advise. thanks in advance

Guru Elite
Posts: 8,759
Registered: ‎09-08-2010

Re: What redundancy model does ClearPass support if have multiple CPPM? What are the difference ?

ClearPass uses a cluster model. They operate in active/active.

Tim Cappalli | Aruba Security TME
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
MVP
Posts: 112
Registered: ‎01-05-2016

Re: What redundancy model does ClearPass support if have multiple CPPM? What are the difference ?

thanks for reply.

 

So 2 CPPM should be configured as publisher/standby publisher, or publisher/subscriber? If enable Virtual IP service, the controller should point to virtual IP address, right? 

Guru Elite
Posts: 8,759
Registered: ‎09-08-2010

Re: What redundancy model does ClearPass support if have multiple CPPM? What are the difference ?

There is no such thing as a standby in ClearPass. There is one publisher and
multiple subscribers. All are active.



The VIP should be used for the guest captive portal URL. For RADIUS
authentication, configure both servers individual and enable load balancing.



Please work with your ClearPass partner on this design.

Tim Cappalli | Aruba Security TME
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
New Contributor
Posts: 2
Registered: ‎11-17-2015

Re: What redundancy model does ClearPass support if have multiple CPPM? What are the difference ?

there's a recent video on the aruba YouTube channel that covers clearpass clusters thay may be helful to you: https://youtu.be/9Vkz6JwKj0Y


#AirheadsMobile
Regular Contributor I
Posts: 359
Registered: ‎03-02-2017

Re: What redundancy model does ClearPass support if have multiple CPPM? What are the difference ?

Hi,

 

The VIP should be used for the guest captive portal URL. For RADIUS authentication, configure both servers       individual and enable load balancing.

How is the failover addressed in the case of RADIUS authentication? I understand some NAD devices points to node 1 and some point to node 2 for load balancing and redundancy. What happens if node 1 fails? Will all the authentications through NADs pointing to node 1 fail? Do we have to change these NADs to point node 2?

 

Regards,

Julián

Guru Elite
Posts: 8,759
Registered: ‎09-08-2010

Re: What redundancy model does ClearPass support if have multiple CPPM? What are the difference ?

You have 4 options

  1. Define multiple servers on the NAD and they should fail through
  2. Use a load balancer
  3. Use the virtual IP of ClearPass
  4. Manually change it

 

1 and 2 are the recommended methods.


Tim Cappalli | Aruba Security TME
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
Regular Contributor I
Posts: 359
Registered: ‎03-02-2017

Re: What redundancy model does ClearPass support if have multiple CPPM? What are the difference ?

Very clear, many thanks!

 

Regards,

Julián

Search Airheads
Showing results for 
Search instead for 
Did you mean: