Security

last person joined: 21 hours ago 

Enterprise security using ClearPass Policy Management, ClearPass Security Exchange, IntroSpect, VIA, 360 Security Exchange, Extensions and Policy Enforcement Firewall (PEF).
Expand all | Collapse all

CLEARPASS CLUSTER L3

Jump to Best Answer
  • 1.  CLEARPASS CLUSTER L3

    Posted May 09, 2019 10:04 PM

    Greetings,

     

    anyone here who have tried to do CPPM cluster (publisher-subscriber) via L3? client will locate C2000 on (2)different sites with different MGMT I.P. however cluster requires virtual I.P but it seems its only applicable on L2.

     

    primary services will be 802.1x wired and OnGuard Posture check via persistent agent.

     

    any info will be greatly appreciated.

     

    thank you very much 



  • 2.  RE: CLEARPASS CLUSTER L3

    Posted May 09, 2019 10:25 PM
    Virtual IPs have no relationship to cluster operations.


  • 3.  RE: CLEARPASS CLUSTER L3

    Posted May 09, 2019 11:20 PM

    Hi harvey.ysip,

    I didn't get your question. could you describe your question more?

    What is C2000? Why need virtual for two different site?

    Thanks.



  • 4.  RE: CLEARPASS CLUSTER L3

    Posted May 10, 2019 01:05 AM
    hi to all,

    thank you for your replies

    C2000 is a CPPM HW appliance.

    correct me if im wrong.im planning to do cluster between 2 sites via L3 with 1xCPPM HW each.the objective is to share license across and have HA(publisher on headoffice, subscriber on DR)

    thank you


  • 5.  RE: CLEARPASS CLUSTER L3
    Best Answer

    Posted May 10, 2019 01:48 AM
    L3 between nodes is fine. At the nas devices just define the two IP’s.

    Virtual IP across L3 is off course not possible


  • 6.  RE: CLEARPASS CLUSTER L3

    Posted May 10, 2019 02:48 AM
    hi willem,

    ok i understand now that I cannot configure Virtual I.Ps since they are on L3.

    does it mean i can still configure publisher-subscriber on 2 CPPMs? and I can still share licenses across the two?


  • 7.  RE: CLEARPASS CLUSTER L3

    Posted May 10, 2019 02:53 AM
    Sure! All features are available except virtual IP’s


  • 8.  RE: CLEARPASS CLUSTER L3

    Posted May 10, 2019 03:34 AM

    To form the cluster for your case, login to the DR CPPM and make scriber via Administration >> Server Manager after clicking on the hostname. After that key in the Publisher ip address and appadmin's password.

     

    Thanks.