Security

Reply
Valued Contributor I

clearpass dhcp packet processing

Might be a silly quesstion..

 

I've configured our router endpoints to forward dhcp requests not not only to our UoY dhcp server but also the master publisher for each of our two clearpass clusters.

 

quesiton, do I have to point dhcp requsts at the aster publisher or can I point them at a secondary node as well ? Just thinking of how a cluster might provess inbound dhcp requests if the publisher os offline for some reason

 

A

Re: clearpass dhcp packet processing

You have to configure it to send dhcp packets to both nodes. You have more details of ClearPass behaviour in "ClearPass Profiling Technote".


Rafael del Cerro Flores
ACMP, ACCP, ACDX#324, ACCX#711
Valued Contributor I

Re: clearpass dhcp packet processing

o.k. onlyversion of that I can find is cppm 6.5 and yes can remeber an endpoint classification checkboc being there at one point but in 6.7 its not there, All I see is as shown in the png file

Valued Contributor I

Re: clearpass dhcp packet processing

That would imply that for our production cluster I'd have to send it to 6 servers

 

Can anyone point me to a clearpass profiling technique doc for 6.7.2?

Can't see any refernece to a checkbox for "allow this node to perform endpoint classification"

Re: clearpass dhcp packet processing

You can check the Release Note of CPPM 6.7:

Screen Shot 2018-04-19 at 17.43.47.png


Rafael del Cerro Flores
ACMP, ACCP, ACDX#324, ACCX#711
Valued Contributor I

Re: clearpass dhcp packet processing

So just to check

 

If we don't specifiy a primary and secondary master server in zone, the server with the highest UUID gets selected.

 

If we're pointing dhcp requests at our master publisher but the primary server is one of our secondaries because we haven't set the master server in a zone then does that mean that our dhcp collecctor won't work?

 

Have tried this on our dev cluster and "stuff happened"  unfortunately a colleague was also doing things at the same time to the device we were using to test this so this is just a check

 

Valued Contributor I

Re: clearpass dhcp packet processing

Just tracked this down as well but many many  thanks for the info

Rgds

Alex

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: