Security

Hi,

I'm using Version 6.7.9.109195 of clearpass.

If I'm using the "Trigger Server Action" -> "On Demand Endpoint Scan" Action from the Endpoint menu, nothing happens on the client. I checked with wireshark - no packt is comming from CPPM.

Same behaviour if I'm using this option as an Enformenct Profile ( Target-Server = localhost, Action = On Demand Endpoint Scan)

Client IP-Adress is correct in the enpoint repository.

If I'm doing a network scan on the IP-Adress of the client everthing is working fine - so WMI Credentials are correct.

Any ideas?

Yes - accounting data is received.

Hi all, 

This is a Known bug in the 6.7 version. I have open a TAC and the answer was: 

The "on demand endpoint scan"  feature introduced  have loophole recognizing ip and triggering scan,  this will be fixed in 6.8. 

Elena

Yes - same for me. I opend a ticked and TAC checked it on monday.

Got the same response - it will be fixed in 6.8.

Just updated to 6.8.0  but the ondemand scan is still not working.

Couldn't fint anything in the release-notes to this point and didn't get an answer from TAC.....

Same Here. 

Hi!

Is this still an issue? I'm trying out "ondemand endpoint scan".

And I see nothing in our firewall to the endpoint IP.

Trying to figure out if I'm doing something wrong or if it's just a bug.

Guess I'm having the same issue aswell.

Nothing happens when triggered.

Same here. 6.8.4. I an opening a TAC case and will post findings. 

Update. I am doing On-Demand Subnet scans. It works when launching the scan from Monitor / Profiler and Network Scan / Network Scan Results. That section also has an option to Start a scan. 

It does not work when launched from Configuration / Network Scan. 

TAC is working to reproduce in the LAB. 

TAC Engineer had us restart the Async Network service on the publisher. This did indeed correct the issue and I can run scans from either section. Hopefully this is isolated in that it needed restarted after upgrade to 6.8.4. If I find it needs constant restart, I will re-enage TAC. 

Happy scanning :-)

Not sure this is the same issue ?

Maybe the same root cause with the async service.

But the post (and also my issue) is with ondemand endpoint scan http server action.

Indeed, I was looking at the Network Scan functions which also has an OnDemand Scan. Can you try restarting your Async service and see if it corrects your issue?

Hi!

Sorry been very busy. Today I restarted async service and made no difference. I see no traffic from clearpass to client in the firewall.

Anyone managed to solve this ?