Administrator Guide

134 | Deploying W-ClearPass Clusters Dell Networking W-ClearPass Deployment Guide
However, certain elements are node-specific and must be configured separately for each node. You can do this either directly on the Publisher or individually on the Subscriber node.
Elements Replicated
Cluster replication is delta-based; that is, only changed information is replicated.
The cluster elements that are replicated across all the nodes in the cluster are as follows:
- All policy configuration elements
- All audit data
- All identity store data
  - Guest accounts, endpoints, and profile data
- Runtime information
  - Authorization status, posture status, and roles
  - Connectivity information, NAS details
- Database replication on port 5432 over SSL
- Runtime replication on port 443 over SSL
Elements Not Replicated
The following elements are not replicated:
- Access Tracker logs and Session logs
- Authentication records
- Accounting records
- System events (Event Viewer data)
- System monitoring data
Network Ports That Must Be Enabled
Table 21 lists the network ports that must be opened between the Publisher and the Subscriber nodes.
Table 21: Network Ports to Be Enabled
| Port | Protocol | Description |
|------|----------|-------------|
| 80 | HTTP | Internal proxy |
| 123 | UDP | NTP: Time synchronization |
| 443 | TCP | HTTPS: Internal proxy and node-to-node service |
| 5432 | TCP | PostgreSQL: Database replication |
Because any Subscriber node can be promoted to be the Publisher node, all port/protocol combinations listed
in Table 21 should be:
- Bidirectional
- Open between any two nodes in the cluster
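The following added example (not part of the guide or of W-ClearPass) audits a firewall allow-list against the requirement above: every Table 21 port, in both directions, between every pair of nodes. The node addresses, the rule tuple format `(src_net, dst_net, proto, port)` and the function names are assumptions made for illustration.

```python
import ipaddress
from itertools import permutations

# Table 21 as (transport, port, purpose). The table lists port 80 under "HTTP";
# HTTP runs over TCP, so it is checked as tcp/80 here.
CLUSTER_PORTS = [
    ("tcp", 80, "HTTP internal proxy"),
    ("udp", 123, "NTP time synchronization"),
    ("tcp", 443, "HTTPS internal proxy and node-to-node service"),
    ("tcp", 5432, "PostgreSQL database replication"),
]

def required_flows(nodes):
    """Every ordered node pair x every Table 21 port (bidirectional full mesh)."""
    return [(src, dst, proto, port)
            for src, dst in permutations(nodes, 2)
            for proto, port, _ in CLUSTER_PORTS]

def rule_allows(rule, flow):
    """True if an allow rule (src_net, dst_net, proto, port) covers the flow."""
    src_net, dst_net, proto, port = rule
    src, dst, f_proto, f_port = flow
    return (ipaddress.ip_address(src) in ipaddress.ip_network(src_net)
            and ipaddress.ip_address(dst) in ipaddress.ip_network(dst_net)
            and proto == f_proto and port == f_port)

def missing_flows(nodes, allow_rules):
    """Flows the cluster needs that no allow rule covers."""
    return [f for f in required_flows(nodes)
            if not any(rule_allows(r, f) for r in allow_rules)]

# Constructed sample data (documentation address ranges, not from the guide).
NODES = ["192.0.2.10", "192.0.2.11", "198.51.100.20"]
ALLOW_RULES = [
    ("192.0.2.0/24", "192.0.2.0/24", "tcp", 80),
    ("192.0.2.0/24", "192.0.2.0/24", "udp", 123),
    ("192.0.2.0/24", "192.0.2.0/24", "tcp", 443),
    ("192.0.2.0/24", "192.0.2.0/24", "tcp", 5432),
    # Publisher -> remote Subscriber only: one direction, no NTP or HTTP.
    ("192.0.2.10/32", "198.51.100.20/32", "tcp", 443),
    ("192.0.2.10/32", "198.51.100.20/32", "tcp", 5432),
]

if __name__ == "__main__":
    for src, dst, proto, port in missing_flows(NODES, ALLOW_RULES):
        print(f"MISSING {src} -> {dst} {proto}/{port}")
```

In the sample rules the remote Subscriber can receive replication from the current Publisher but cannot initiate it, so the audit flags the reverse flows that would be needed if that node were promoted.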