Security

 View Only
last person joined: yesterday 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

ClearPass cluster support of mixed VA models + Morph-vm between Cx000V

This thread has been viewed 7 times

  • 1.  ClearPass cluster support of mixed VA models + Morph-vm between Cx000V

    Posted Apr 28, 2022 09:45 AM
    Hi,

    One customer needs to upgrade a ClearPass cluster from 15K sessions per day to 80K authentications per day.

    Today the RADIUS authentications are load balanced on the 2 C2000V Subs.
    The C2000V Publisher is the backup radius server.

    Our target architecture is :
    -1x C3000V Publisher - No authentication, mgmt only.
    -2x C3000V Subscriber with authentication load balancing (done at the NAD level)
    -1x C3000V Subscriber as the RADIUS backup server for all the NADs (2+1 redundancy)

    Could we mix C2000V and C3000V in a cluster for a limited period of time ?
    We will distribute the authentications respecting the limits of each server.

    Is the vm-morph command limited to migrate from EVAL to Cx000V ?
    The CLI guide is talking only about EVAL to Cx000V but I can find on Airheads some migration from C2000V to C3000V.

    ------------------------------
    Matthieu FRENAUX - ACEP
    ------------------------------


  • 2.  RE: ClearPass cluster support of mixed VA models + Morph-vm between Cx000V

    Posted Apr 29, 2022 12:41 PM
    Hi, answering your questions:

    1.- Yes you can mixed the types a the VMs in a clúster and it's a very common escenario
    2.- As far as I understand is not limited from EVAL to Cx000V but i'd recommend you a new VM instalation and migrate the license.


    Hope this helps

    ------------------------------
    Ulises Cazares
    ------------------------------

    Original Message