Security

last person joined: yesterday 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

How can the switch know if ClearPass is online

This thread has been viewed 0 times

  • 1.  How can the switch know if ClearPass is online

    Posted Sep 15, 2019 09:55 PM

    Hi,

    Is there a mechanism by which the switch can know if the ClearPass server is online and available at any given time.

    The idea is if the switch tries to authenticate a client against ClearPass but is down and unreachble, so the client will be put into a guest vlan and wait for the server to be back online but my question is how would the switch know if the clearpass is online, is there any  keepalive mechanism between the switch and the server? If yes please point me to some documentation about it.

     

    Thanks



  • 2.  RE: How can the switch know if ClearPass is online
    Best Answer

    EMPLOYEE
    Posted Sep 15, 2019 10:05 PM
    Most network devices will mark a RADIUS server out of service if X number of requests timeout. It really has nothing do to with CPPM and the config varies by switch vendor. Some vendors have the ability to generate bogus RADIUS requests.


  • 3.  RE: How can the switch know if ClearPass is online

    Posted Sep 15, 2019 10:11 PM

    NIce, thanks for the response. Could you please give a response to another of my question I posted couple of days ago.

    https://community.arubanetworks.com/t5/Security/Default-destination-redirect-issue/td-p/553247