New Contributor

Clearpass Virtual IP Issue

Hi Guys. 


I have configured a virtual IP between two Clearpass Apliances with the following settings:


*Clearpass Onboard acting as main AAA server and captive portal for BYO Devices.

*Virtual IP settings:

  • Primary Node: Publisher CCPM
  • Secondary Node: Subscriber CPPM 
  • Both with the MGMT Interface. 
  • DNS Record in the network is configured to point to the virtual IP address. 


When Primary Nodes fails (and publisher CCPM) the following happens:

  • The secondary node accepts dot1x authentication requests and works without any problems. BYO Devices can authenticate to the wireless network without issues. 
  • But Captive portal page is redirected to the /agen/portal and not to the onboard page.


I have the following questions:


Does Virtual IP provides full redundancy for Onboard and Guest services?

Is this an expected behaviour?

In the old amigopod architecture, I remember that Virtual IP setup provided full captive portal redundancy. 


Kind Regards, 










Re: Clearpass Virtual IP Issue

The VIP will only do full fail over if you have auto promote turned on to make the subscriber the new publisher. Only the publisher can add new guests or onboarding.
Thank You,

--Give Kudos: found something helpful, important, or cool? Click Kudos Star in a post.

--Problem Solved? Click "Accepted Solution" in a post.
Search Airheads
Showing results for 
Search instead for 
Did you mean: