Security

Reply
Highlighted
Occasional Contributor II

Clerpasss 6.8 Clustering Problem on ESXI 6.7

Hi There 

I've got 2x instances of Clearpass 6.8, both servers are hosted by ESXI 6.7 

Both Servers are in the same subnet and can be pinged on both ends from Clearpass CLI's 

When im trying to add 2nd server as a subscriber ive got following Warning massage saying echo GET failed.

Has anyone expierienced similliar issue before ?

 

Regards 

Jack 

Super Contributor II

Re: Clerpasss 6.8 Clustering Problem on ESXI 6.7

Is there a firewall between the clearpass nodes?

Willem Bargeman ACMX#935 | ACCX #822

Please give me kudos if my post was useful!
If your issue is solved mark the post as solution!
MVP Guru

Re: Clerpasss 6.8 Clustering Problem on ESXI 6.7

CPPM cluster (subscriber-publisher)

  • UDP Port 123 NTP (Subscriber to publisher)
  • TCP Port 443 HTTPS (Bi-directional)
  • TCP Port 5432 PostgreSQL for DB replication (Subscriber to publisher)
  • TCP Port 80 HTTP (Between Nodes)
  • TCP Port 4231 NetWatch (Post Authentication module and the node where Insight is enabled

check if all this ports are opened

Regards,
Pavan
If my post address your queries, give kudos and accept as solution!
NOTE: Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba or Hewlett Packard Enterprise.
Occasional Contributor II

Re: Clerpasss 6.8 Clustering Problem on ESXI 6.7

Hi There 

Thanks for coming back to me on this. 

Both Clearpass Servers are hosted by the same ESXI host 

Also both servers are connected to the same Vswitch which is part of the same Vlan connected to Aruba Switch, there is no firewall in between the servers.

Are there any other ways to troubleshoot this issue ?

Many Thanks 

Jack 

 

Super Contributor II

Re: Clerpasss 6.8 Clustering Problem on ESXI 6.7

Are the HTTPS certificates valid and is the time correct on both machines?

Willem Bargeman ACMX#935 | ACCX #822

Please give me kudos if my post was useful!
If your issue is solved mark the post as solution!
Occasional Contributor II

Re: Clerpasss 6.8 Clustering Problem on ESXI 6.7

HI There 

HTTPS Certificates are on default (Out of the box) and Yes time is correct on both platforms 

 

Best Regards 

Jack 

MVP
MVP

Re: Clerpasss 6.8 Clustering Problem on ESXI 6.7

Make sure you using exact same software release on both nodes, is NTP configured and use the same cluserpassword on both servers.

 

If nothing work, pleas create a tac case.

Kind Regards Marcel Koedijk
HPE ASE Flexnetwork | ACMP | ACCP | Ekahau ECSE Design - Was this post usefull, Kudos are welcome.
Occasional Contributor II

Re: Clerpasss 6.8 Clustering Problem on ESXI 6.7

Yes, i think ive tried everythig and yes both of them are in the same version 6.8.x 

Thanks 

Re: Clerpasss 6.8 Clustering Problem on ESXI 6.7

Hi Jack,

 

Just wondering if you had any luck from TAC on this? I have the exact same issue on two of my boxes (on 6.8.1).

 

Thanks


Alexander.

 

 

University Information Services
University of Cambridge
Occasional Contributor II

Re: Clerpasss 6.8 Clustering Problem on ESXI 6.7

I have tha same problem on ESXi 6.5. My clearpass VMs are on the same subnet, have you resolved the issue?

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: