Video

[VIDEO] Using Virtual IP interfaces in a ClearPass Cluster

This video will teach you how to set up Virtual IP interfaces on two ClearPass Policy Managers in a cluster. This allows you to have a secondary RADIUS, TACACS+, WebAuth and captive portal options in the event one of the appliances is off-line.

 

This is a great feature to use when setting up "Intermediate" ClearPass functionality.

Version History
Revision #:
4 of 4
Last update:
‎06-28-2013 07:42 PM
Updated by:
alc
 
Contributors
Comments

Michael Caine works for Aruba?!

 

Sweet!

MVP MVP

Great video!

 

I'm not sure I follow the use case for setting up two VIPs, when the two servers are members of both VIPs but in opposite order. Is this so you can accomplish an active/active setup with failover?

Moderator

@thecompnerd2 - In short Yes. This would be a very valid use case. You could also look to split certan services across the cluster but know that in the event of a failure, reuests for RADIUS/CaptivePortal or some other process such as AirGroup could still have their requests serviced bu one of the CPPM instances. 

jhenley

What about setting up VIP1 with CPPM1 and CPPM2, and setting up VIP2 with CPPM3 and CPPM2?  Would that configuration make use of all three servers, and provide functionality regardless of which server failed?

BruceM

Am I missing something or do both of the CPPM devices need to be on the same subnet? Unlike a netscaler VIP there is nothing in front of the devices to do a ip/mac rewrite. We are trying to do something similar but our CPPM devices are physically located in different datacenters on different subnets. Any thoughts on this? Thanks.

Bruce

Search Airheads
Showing results for 
Search instead for 
Did you mean: 
Is this a frequent problem?

Request an official Aruba knowledge base article to be written by our experts.