Security

Reply
Frequent Contributor II

Setting up CPPM on KVM

I'm trying to setup CPPM eval VM using centos 6.8 KVM. I got it installed, but I'm a novice when it comes to linux I'm not able to get the network to see the CPPM server. I have 2 NIC's bridged to the KVM virtual machine I don't understand where the IP address's are configured there seem to be 3 places one is the phisical NIC on the host box, one is QEMU/KVM connection details under network interfaces tab I can set it in each bridge configured the last place I can set the IP is the actual CPPM using CLI configuraition. I have tried setting it in CPPM, and the host network settings both didn't work I'm still not able to get to the CPPM management webpage. The host machine is able to get to the network there is no firewall configured.  

Re: Setting up CPPM on KVM

I assume that you followed to process of attaching 2 virtual network interfaces (Hypervisor default, bridged to your ethernet interface) and the 80GB second disk.

 

Did you get to point where you ran the initial configuration for ClearPass, the process where you set the appliance type, the management port IP, optional the data port IP, NTP, etc?

 

If you did, can you ping from the ClearPass to your host? Can you ping from your host to ClearPass? Can you ping from ClearPass to your default gateway?

 

Are you trying to access the ClearPass WebUI from your Linux host? Or from a remote system?

--
If you have urgent issues, please contact your Aruba partner or Aruba TAC (click for contact details).
Frequent Contributor II

Re: Setting up CPPM on KVM

I got all the way though the CPPM configuartion orginally I configured the IP of CPPM to the same as the host IP's NIC because it was bridged to that I just assumed bridging means in network world is layer 2 and IP address would be sharing the same IP as the host IP. Later I set the CPPM managment IP to a different ip in the same subnet i was not able to ping to it from the outside either. I didn't try pinging out from CPPM VM I haven't attemtped to configure an IP in virtual manager for that bridge interface yet. In the Aruba KVM VM install proceedure doesn't talk about configuring an IP addres just configuring a bridge interface. I was able to get it entirelly installed I can log in from the console with appadmin.

Re: Setting up CPPM on KVM

So a bridge interface in Linux/KVM is a virtual switch that connects multiple interfaces. Most times it connects your physical interface (eth0) and interfaces in your KVM VM. Just like in a normal (L2) switch, the attached devices should have a different IP in the same subnet. So what you did appears correct. If the bridge is correct configured, and it does not need to have an IP like a L2 does not need to have an IP either, you should have connectivity between your CPPM (VM) and the host and other devices on the network connected to the host.

 

I suspect there is something wrong with your KVM networking setup. What you could do is find a small normal Linux distribution (Fedora, Ubuntu, Knoppix) and install that first to verify that you have proper network connectivity. If that works and you can reach systems on the wired network and the VM from the wired network, and you understand how KVM works with networking, you might try again with ClearPass.

--
If you have urgent issues, please contact your Aruba partner or Aruba TAC (click for contact details).
Frequent Contributor II

Re: Setting up CPPM on KVM

That's what I was thinking as well ill try that see if I can get normal communcation using the bridge interface most just use the NAT with a VM OS they don't care about incoming communcation

New Contributor

Re: Setting up CPPM on KVM

Are you using ovirt on CentOS?

Frequent Contributor II

Re: Setting up CPPM on KVM

I'm using centos7 I was able resolve it by setting up a bridge in CLI what I had not done before was reset the ethernet interface then the bridge interface. I figured it out by searching the internet trying different methods. Using the GUI didn't work at all have to use CLI to really make this work. 

Guru Elite

Re: Setting up CPPM on KVM

Please note that CentOS 7 is not supported.

| Tim Cappalli | Aruba Security | @timcappalli | timcappalli.me |

NOTE: Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba or Hewlett Packard Enterprise.
Frequent Contributor II

Re: Setting up CPPM on KVM

I know it's not supported but it works fine been using it for while now it's only for evaluation for testing I had some problems with 6.8 network interface driver which was resolved in 7. 

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: