Security

Reply
Highlighted
New Contributor

ClearPass RADSEC Error

We recently starting receiving the following alerts from our ClearPass server. Has anyone else seen this or have any idea what may be the cause? Any information you can provide would be greatly appreciated. Thanks...


Policy Manager Server Source Level Category Action Timestamp

cppm01 (10.20.80.13) RADSEC ERROR Configuration Please install new certificate. Jul 16, 2019 03:00:34 EDT
cppm01 (10.20.80.13) RADSEC ERROR Configuration Please install new certificate. Jul 16, 2019 03:00:04 EDT
cppm01 (10.20.80.13) RADSEC ERROR Configuration Please install new certificate. Jul 16, 2019 02:45:38 EDT
cppm01 (10.20.80.13) RADSEC ERROR Configuration Please install new certificate. Jul 16, 2019 02:45:05 EDT

Accepted Solutions
MVP Expert

Re: ClearPass RADSEC Error

RADSec is a new feature that was added in 6.7.4 by default ClearPass is configured with a self signed RADsec cert that is valid for 1year which look like it expired

To fix this you just need to re-generate a new self signed under Administration > Certififcate>Certificate Store> Select Usage RADsec



Thank you

Victor Fabian

Pardon typos sent from Mobile
Thank you

Victor Fabian
Lead Mobility Architect @WEI
AMFX | ACMX | ACDX | ACCX | CWAP | CWDP | CWNA

View solution in original post

Highlighted
Occasional Contributor I

Re: ClearPass RADSEC Error

We had to renew the RADSEC certificate too.
I just would like to add that we had to restart our CPPM publisher after renewal of the cert.

 

Version is 6.8.3.110034.

View solution in original post


All Replies
MVP Expert

Re: ClearPass RADSEC Error

RADSec is a new feature that was added in 6.7.4 by default ClearPass is configured with a self signed RADsec cert that is valid for 1year which look like it expired

To fix this you just need to re-generate a new self signed under Administration > Certififcate>Certificate Store> Select Usage RADsec



Thank you

Victor Fabian

Pardon typos sent from Mobile
Thank you

Victor Fabian
Lead Mobility Architect @WEI
AMFX | ACMX | ACDX | ACCX | CWAP | CWDP | CWNA

View solution in original post

Highlighted
New Contributor

Re: ClearPass RADSEC Error

Awesome!  Thanks Victor!  That appeared to be the fix.  The RADSEC cert was definitely expired.  Have a great day!

Highlighted
Occasional Contributor I

Re: ClearPass RADSEC Error

Hi, we have a cluster of 1 publisher and 2 subscribers in our production environment, and I can see the publishers RadSec cert is about to expire. Could I just create a new self-signed one with a 5 year expiration without affecting the running environment in any way?

Highlighted
MVP Guru Elite

Re: ClearPass RADSEC Error


@caugdahl wrote:

Hi, we have a cluster of 1 publisher and 2 subscribers in our production environment, and I can see the publishers RadSec cert is about to expire. Could I just create a new self-signed one with a 5 year expiration without affecting the running environment in any way?


Yes !



PowerArubaSW: Powershell Module to use Aruba Switch API for Vlan, VlanPorts, LACP, LLDP... More info

PowerArubaCP: Powershell Module to use ClearPass API (create NAD, Guest...) More info

PowerArubaCX: Powershell Module to use ArubaCX API (get interface/vlan/ports info)

PowerArubaIAP: Powershell Module to use Aruba Instant AP

PowerArubaMC: Powershell Module to use Mobility Controller / Master


ACMP 6.4 / ACMX #107 / ACCP 6.5 / ACSP
Highlighted
Occasional Contributor I

Re: ClearPass RADSEC Error

We had to renew the RADSEC certificate too.
I just would like to add that we had to restart our CPPM publisher after renewal of the cert.

 

Version is 6.8.3.110034.

View solution in original post

Highlighted
Occasional Contributor I

Re: ClearPass RADSEC Error

We did not have to restart our environment on version 6.8.2.109931. It's probably smart to take a restart into consideration just to be sure however.

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: