I've not seen any options in ClearPass for active monitoring of an external RADIUS server.
Original Message:
Sent: Apr 14, 2024 03:35 AM
From: cauliflower
Subject: ClearPass - proxy servers status check
Thanks Carson,
Apologies for the slow response. Does ClearPass send 'test' requests periodically automatically? Or is that something we need to set up?
Guy
Original Message:
Sent: Apr 09, 2024 08:52 AM
From: chulcher
Subject: ClearPass - proxy servers status check
Proxy operation is set with the Proxy section of the per-server service parameters. ClearPass is behaving the same against a proxy target as a NAS acts against ClearPass, sending a request and waiting for a reply, successive failures (i.e., "maximum retry count") will result in the target being marked as dead for a period of time.
https://www.arubanetworks.com/techdocs/ClearPass/6.12/PolicyManager/Content/CPPM_UserGuide/Admin/ServerConfig_serviceparamsradiusserver.htm
------------------------------
Carson Hulcher, ACEX#110
Original Message:
Sent: Apr 09, 2024 04:54 AM
From: cauliflower
Subject: ClearPass - proxy servers status check
Hello,
6.11
Pub and standby pub + 4 subscribers
Is there an way to check whether ClearPass thinks a FreeRADIUS server that it proxies to is up or down?
We recently had some disruptive router works done, we had to failover our ClearPass cluster to our B site and then back again and rebuilding the cluster was a little problematic. Two of the ClearPass subscribers (when re-added to the cluster) started filling up with Proxy event messages marking the two FreeRADIUS servers as down (and auths looked to be failing). We took those two ClearPass boxes out of the AOS server group so are no longer sending requests to them. The logs stopped filling with messages but I'm not sure whether that is just because we have stopped sending messages, or whether they have now marked the FR servers as up.
How does ClearPass ascertain whether a peer is up or not? Is that info easily viewable?
Thanks,
Guy