Security

Reply
Frequent Contributor I

Clearpass subscriber join failed

Hello Airheads,

 

I am trying to join cppm subscriber node  to publlisher. Both running on same version, NTP, same subnet, valid license. No port blocking between two IP's. But i am getting following error:

c2.JPG

Ping:

c1.JPG

 

any clue?

MVP Guru

Re: Clearpass subscriber join failed

Do you have a firewall between the Pub and Sub ?
If so make sure the following ports are allowed between the two nodes:
https://community.arubanetworks.com/t5/AAA-NAC-Guest-Access-BYOD/What-are-the-ports-that-need-to-be-opened-on-the-network/ta-p/175872

What version are you running ?

Sent from Mail for Windows 10
Thank you

Victor Fabian
Lead Mobility Architect @WEI
AMFX | ACMX | ACDX | ACCX | CWAP | CWDP | CWNA
Highlighted
Frequent Contributor I

Re: Clearpass subscriber join failed

I'm running on 6.8.0.109592.

 

No port blocking in firewall. Both VM's connected to same switch

Aruba

Re: Clearpass subscriber join failed

Need to update the DB cert and include ip address in the SAN field.

IP:xxx.xxx.xxx.xxx

I believe there should have been something put in the release notes but im not positive.
Thank You,
Troy

--Give Kudos: found something helpful, important, or cool? Click Kudos Star in a post.

--Problem Solved? Click "Accepted Solution" in a post.
Occasional Contributor I

Re: Clearpass subscriber join failed

I ran into the same issue with 6.8.0.109592 on a new L3 cluster over ipsecVPN.

 

Both CPPM's where using the self signed cert.

 

I created a new HTTPS server certificate signed by the internal domain-CA for both an added the domain-CA cert as trusted root. Afther this, the cluster was formed.

 

P.S. I also included the CPPM IP in the SAN field of the CSR.

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: