Security

Reply

Setting up external SFTP server in CPPM

So I thought this should have been a simple enough task has turnned out to be a nightmare.

Im trying to get the external server in CPPM to work so the backups can be sent automatically.  The configuration seems to be straight forward...

Host IP, username, password remote directory

but each time the backup runs I get the following error message

 

Error reading SSH protocol banner

 

all of my other SFTPs work to this server with no problem.  I have even tried sending the file to a different server and get the same error.  Has anyone else experienced this problem and if so what was the solution or work around.

Guru Elite

Re: Setting up external SFTP server in CPPM

What do the logs on the SFTP server show?
Which version of ClearPass?

| Tim Cappalli | Aruba Security | @timcappalli | timcappalli.me |

NOTE: Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba or Hewlett Packard Enterprise.

Re: Setting up external SFTP server in CPPM

The version is 6.7.0.101814....Im trying to get the logs since the server is managed by a different group.  I will post as soon as I get them.

 

Frequent Contributor II

Re: Setting up external SFTP server in CPPM

Hi Don,

 

I'm also using ClearPass 6.7.0 and has issue with auto backup configuration to an external server (except that I'm using SCP, and the log message was something related to FIPS mode). I opened a TAC case and they have confirmed it's a bug, promising it'll be fixed in upcoming patch of 6.7.X. Hope this information is useful for you.

 

Regards,

Re: Setting up external SFTP server in CPPM

Appreciate the feed back, it does let me know that some times things are not always as simple as they seem.   I opened a case as well and at this point they dont have an answer for me. 

Re: Setting up external SFTP server in CPPM

So I had a chance to speak to the server team regarding the logs and there is nothing in the logs because the connection is failing prior to it asking for user credentials.

Re: Setting up external SFTP server in CPPM

Hi,

 

We have issue related to auto backup when FIPS is enabled on clearpass but it is working fine in other cases.

 

Are you using sloarwinds SFTP/freeFTPd server or any other software in the client machine.

 

We have done the following the File Server configuration in CPPM and freeFTPD, the transfer is succeed without any error.

Please configure the following at your end,

1. CPPM File Backup Server Settings1.PNG

 

2. freeFTPD Settings

Step 1: Create a folder in the windows desktop manually & The folder name should be your CPPM machine IP.

2.PNG

 

Step 2: Open the freeFTPD tool by right clicking & Run as administrator

Configure each tab as follows and click Apply Save ,

  1. SFTP3.PNG

2.Users

Click the Add ... button

freeFTPD-AddUser.PNG

 

Configure as follows, give the same username/password what have given in the CPPM

freeFTPD-AddUser_Detail.PNG

Host Restrication

4.PNG

Logging

 

 

 

freeFTPD-EnableLogging.PNGg

  1. Start the SFTP Servers from the tab (SFTP)freeFTPD-ServerStatus.PNG
  2. Run the following auto backup script manually in the terminal,

 4.Check the folder in the windows desktop 5.PNG

Regards,
Pavan
If my post address your queries, give kudos and accept as solution!
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: