Security

Hi,

 

I can NO longer access the web console of ClearPass but I still can access the command console. I am using the vmware appliance of the new Aruba ClearPass. I noticed that when I check the services by using the command "service status all", some of the services like cpass-policy-server, cpass-tacacs-server, cpass-repl-server were NOT running. I did try to execute "service start all" and shows "OK" but then again when I check the status of the services, still it is NOT running.

 

I've been using the server for the past month now as an EVAL and then suddenly it STOP working. Could this be due to license expiration? It didn't even show or send me a notification that the license is soon to expired. I am desperate to put this back so that I can let the users to continue using the WiFi service while we are waiting for the proper gear that we order from Aruba to be installed here in our premises. I taught it could be the license because when I execute "show license" it has an error saying " ERROR - Caught error while displaying the application licenses".

 

I greatly appreciate for any technical support as I am really embarased to the whole company as I am the one responsible of recommending this solution and then suddenly it STOPS without a WARNING!!!.

 

Thanks,

Emmanuel

First thing, please open a TAC case to get to the root cause.

Second. The lic wouldn't cause the system to stop services. If its an Eval you might have filled up the HD space and that will cause some issues. TAC will need to log in as the root and delete the excess log files.

Fantastic!!! That was a quick response.:smileyhappy:

 

However I am using CP-VA-500 with software version 6.2.1.55992 installed on 250GB HDD. I don't think the HDD is filled up.

 

Thanks,

Emmanuel

Ok, First take a VM snapshot so you can revert back if needed.........

 

If you have a backup that is not located on the server you can use the below commands. If they are only local you will need TAC assistance. They will need to find the full file name to do a restore.

 

If you do have an off server backup you can run the cluster reset-database and see if the services start and stay running. 

 

I always recomend that you use the data backup tool located on the support site to pull auto backups to a sperate server.

 

http://support.arubanetworks.com/DOWNLOADSOFTWARE/tabid/75/DMXModule/510/EntryId/11857/Default.aspx

 

 

Restores Policy Manager configuration data from the backup file

Syntax

restore user@hostname:/<backup-filename> [-l] [-i] [-c|-C] [-p] [-s]

Where:

Table 10: Restore Commands

Flag/Parameter	Description
user@hostname:/<backup-filename>	Specify filepath of restore source.
-c	Restore configuration database (default).
-C	Do not restore configuration database.
-l	Optional. If it exists in the backup, restore log database.
-i	Optional. Ignore version mismatch errors and proceed.
-p	Optional. Force restore from a backup file that does not have password fields present.
-s	Optional. Restore cluster server/node entries from the backup. (Node entries disabled on restore.)

Example

[appadmin]# restore user@hostname:/tmp/tips-backup.tgz -l -i -c -s

Thanks Troy for the detailed suggested solution. However, I already did tried this solution before I posted a question here in the forum and it FAILS. However there's a message that keeps on showing as " Either the lower file is not in a valid eCryptfs format, or the key could not be retrieved. Plaintext passthrough mode is not enabled; returning -EIO". This message somehow is suggesting that the key is required which for my limited knowledge means a license key.

 

I am terribly concern if I am going to deploy this network solution. I guess I need to know the big WHY, WHAT & HOW did it happen? Please take note that the server didn't reboot and didn't manually install any update. Then suddenly the server is NOT operational. The fact that I don't know WHAT happen and WHAT causes it really makes me uncomfortable most especially when the management is asking for an answer. Is there a way to export any logs that can be use for analysis? 

 

Once again, thank you for a fantastic support.

 

 

Cheers,

Emmanuel

Thank you for getting back and letting me know.

 

With the thousands of CPPM deployed I haven't seen your issue personally and that is why its critical to get TAC involved so we can find the root cause.

 

The only cases that I have seen with your issue was when the drive is full.

 

 

Clearpass does track all changes that were made and TAC should be able to look in the logs to find the issue.

 

Did you have a external backup? If you do let me know and I can get you another eval key and you can do a restore to a new VM if its time sensitive.

Thanks for getting back to me so QUICK:smileyhappy:

 

Unfortunately I don't have any external backup. What I do have is a configuration backup that was created from a web console of CPPM and I exported it to a TFTP server. Is there a way to reload it back just to TEST? Who knows it might help. What is the command to check the hard disk free space just to eliminate hdd space as the possible culprit? du and df linux command doesn't work :smileylol:

 

What is the best way for me to return this server to operation. The server was configured by local Aruba System Engineer here in Sydney as an EVAL and is connected as well to 3200 controller with AP105 devices?

 

 

I still wanted to export any event logs for further analysis. Any how to procedure on that?

 

Cheers,

Emmanuel

Only TAC can pull the logs they will have to login with the support credentials.

 

You should be able to restore your config with a fresh server. Send me a private message with your contact information and I will work with the local SE to help out.

I have exactly the same error message about ecryptfs and I am not able to login. Did you ever get  an explanantion or find a solution to your issue?