Security

Reply
Highlighted
Moderator

Re: Clearpass vIP issues

Hi I've seen and experience issues similar to what you've experencing. Typically this has occured when the ESXi host are using Distributed vSwicthes rather than standard vSwitch.

 

Can you please confirm which you are using?

 

I've seen environements where the Distrubuted switchs port security profile limit/suppresses the multicast trafic used for functions like VRRP.

 

Go take a close look at the security settings for the swicthes in general, even if you using standard vSwitch.


Best Regards
-d

ClearPass Product Manager

-- Found something helpful, important, or cool? Click the Kudos Star in a post.
-- Problem Solved? Click "Accept as Solution" in a post.
Highlighted
Contributor I

Re: Clearpass vIP issues

We are using distributed vswitches, I will check the security settings now and let you guys know. Thanks again for the help!

Highlighted
Contributor I

Re: Clearpass vIP issues

Looks like promiscuous mode, mac address changes and forged transmits are all set to reject. I am working with the system admins to get these modified and then I will retest. 

Highlighted
Moderator

Re: Clearpass vIP issues

You should only need forged transmits for the distributed switch.



If this response is more than 1 year old, it may no longer be accurate. Please consult official Aruba documentation, TAC or your Aruba SE.

| Aruba Alumni | @timcappalli | timcappalli.me |

View solution in original post

Highlighted
Contributor I

Re: Clearpass vIP issues

That fixed it, thanks everyone for the help! 

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: