Security


Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).

CPPM 6.11.0 TACACS not in access tracker

  • 1.  CPPM 6.11.0 TACACS not in access tracker

    Posted Nov 01, 2022 11:48 AM
    I have installed a new ClearPass 6.11.0 server and restored a configuration backup of a 6.10.7 installation.
    Now my TACACS authentications are not appearing in the access tracker.
    I can see the counters in the services increasing.
    All RADIUS requests are normal in the access tracker.

    I have checked on my FortiGate and monitored traffic and I can see the TACACS request being answered by CPPM.

    The authentication is also working as expected.

    Best regards,
    Rob Hassing


  • 2.  RE: CPPM 6.11.0 TACACS not in access tracker

    Posted Nov 01, 2022 11:53 AM
    Hi Rob

    I had the same issue in 6.10 after upgrading from 6.9.
    The issue was solved by TAC, so I would contact TAC if I got this behavior. I don't think you can do anything.
    In the cluster we had the issue on two out of three servers. One was working normally with the TACACS requests showing up in the Access Tracker.

    ------------------------------
    Best Regards
    Jonas Hammarbäck
    ACCX #1335, ACMP, ACDP, ACNSP, ACEP, ACSA
    Aranya AB
    If you find my answer useful, consider giving kudos and/or mark as solution
    ------------------------------



  • 3.  RE: CPPM 6.11.0 TACACS not in access tracker

    Posted Nov 02, 2022 03:40 AM
    In my case, after the upgrade to 6.10.7 the TACACS server on the publisher just stopped responding. Port 49 is closed and all TACACS requests are served from the subscriber. Working with TAC on this problem, but no resolution on the horizon yet.

    Best, Gorazd

    ------------------------------
    Gorazd Kikelj
    ------------------------------



  • 4.  RE: CPPM 6.11.0 TACACS not in access tracker

    Posted Nov 02, 2022 09:40 AM
    Curious what the use-cases are for upgrading/running 6.11.0?  Typically running a .0 release is not recommended.  I always like waiting until at least the first patch is released.


  • 5.  RE: CPPM 6.11.0 TACACS not in access tracker

    Posted Nov 02, 2022 10:49 AM
    This is not a real production environment and I would like to test the upgrade procedure.


  • 6.  RE: CPPM 6.11.0 TACACS not in access tracker

    Posted Nov 02, 2022 01:16 PM
    It's not really an upgrade. It is a migration due to the change in the underlying Linux distribution to Red Hat Enterprise. So you need to install a new ClearPass server and import databases, certificates and other bits and pieces.

    Best, Gorazd

    ------------------------------
    Gorazd Kikelj
    ------------------------------



  • 7.  RE: CPPM 6.11.0 TACACS not in access tracker

    Posted Nov 03, 2022 05:25 AM
    According to the documentation it was possible to restore a backup of the 6.10.7 installation.


  • 8.  RE: CPPM 6.11.0 TACACS not in access tracker

    Posted Nov 03, 2022 08:55 AM
    Herman did a great YouTube video on this topic.

    Video link

    Best, Gorazd

    ------------------------------
    Gorazd Kikelj
    ------------------------------



  • 9.  RE: CPPM 6.11.0 TACACS not in access tracker
    Best Answer

    Posted Nov 28, 2023 08:58 PM

    I had the same issue too on v6.11.6. TAC confirmed this is a known bug in v6.11 and is slated to be fixed in v6.12. Until then, to fix this TAC has to log in to CPPM with shell access and run the following command:

    psql -U appsuperuser -d tipsLogDb -p 5433 < /usr/local/avenda/common/share/schema/tipsLogDb/tables/70-tacacs-server-stored-procs.sql

    TACACS requests started showing up in access tracker immediately and I was told this command would remain after any CPPM reboots.