Security

 View Only
last person joined: 21 hours ago 

Enterprise security using ClearPass Policy Management, ClearPass Security Exchange, IntroSpect, VIA, 360 Security Exchange, Extensions and Policy Enforcement Firewall (PEF).
Expand all | Collapse all

CPPM behavior on a cluster member failure

This thread has been viewed 10 times
  • 1.  CPPM behavior on a cluster member failure

    Posted Jun 29, 2022 10:54 AM
    Hi all,
    please help me understanding the CPPM behavior at the occurrence of a cluster member failure.
    I have a cluster of two CP-5K-HW with high density configured.
    One member, say the subscriber goes down and it is not replaced within 24 hours.
    Now cluster breaks and publisher turn to be single with its 5k license.

    Whats happen if in the field I have, say, 7k device authenticated (and 802.1X re-auth not enabled at the access switches)?
    Thanks

    Luigi


  • 2.  RE: CPPM behavior on a cluster member failure

    EMPLOYEE
    Posted Jul 21, 2022 10:54 AM
    Please upgrade to a recent version as high-capacity-guest mode is no longer available in any of the current supported ClearPass versions. You should be running ClearPass 6.9 or newer; otherwise you will have known security vulnerabilities.

    What version are your running?

    Current versions of ClearPass changed to 'loose license enforcement' and you won't have issues, just get warnings that you are exceeding your licensing and/or platform capacity.

    ------------------------------
    Herman Robers
    ------------------------
    If you have urgent issues, always contact your Aruba partner, distributor, or Aruba TAC Support. Check https://www.arubanetworks.com/support-services/contact-support/ for how to contact Aruba TAC. Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.

    In case your problem is solved, please invest the time to post a follow-up with the information on how you solved it. Others can benefit from that.
    ------------------------------