for a customer I need to migrate their MM's to a different subnet. To limit risk of loosing configuration I set up a L3 redundant set of MM's
Primary MM (and it's vrrp peer) are using RADIUS mgmt authentication using Clearpass. I forced database sync to the secondary MM's
When I tried login in to the secondary MM with a RADIUS account, I noticed a login failed with no record in the Clearpass Access Tracker.
After logging in with the local admin account I noticed the GUI was sync'd. All login configuration is the same as primary. In the cli of the secondary the config settings are not the same .
show database sync does not show any errors
Attached pictures show the authentication servers. Notice the CPPM nodes are missing in the CLI
Current version is 126.96.36.199 Upgrade to latest will be done after some network changes are done.
Any solution how to fix this in 8.5.03?
yes I did and no, there's nothing coming up in the access tracker.
Check out the pictures. In the GUI the CPPM radius server entries are there, in the CLI only the default authentication server (internal) is there. Both Clearpass entries are missing.
Edit 23/10. In some documentation I found the command master-l3redundancy config-sync. This command is not known in 188.8.131.52 or might be hidden? In the same document I found some debug commands related to config-sync. I found a lot of config node not found errors in de secondary primary MM. I checked and rechecked IPSEC shared secrets and they are all fine.
Guess an upgrade is in order
MM upgrade to 184.108.40.206 fixed the issue.
At Aruba, we believe that the most dynamic customer experiences happen at the Edge. Our mission is to deliver innovative solutions that harness data at the Edge to drive powerful business outcomes.
© Copyright 2020 Hewlett Packard Enterprise Development LPAll Rights Reserved.