This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Register Now
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
NetWitness Discussions

mcollective ping doesn't find new decoder appliance behind firewall SA 10.4.0.2

Go to solution
DavidMechsner
Beginner
Beginner

‎2014-12-09 10:35 AM

While enabling an appliance at the SA 10.4 gui the script "/etc/puppet/scripts/addNode.py" is called the mco ping command.

In our environment, the new decoder appliance does not response the mco ping, altought the ampqs port is open

 

 

[root@saserver ~]# mco rpc rpcutil ping -I  0555a385-15aa-42bb-ac7f-568cf2406265

| [ >                                                             ] 0 / 1

Finished processing 0 / 1 hosts in 12017.67 ms

No response from:

   0555a385-15aa-42bb-ac7f-568cf2406265

[root@saserver ~]#

 

Does anybody has an idea, how to trace that "mco rpc rpcutil ping" and which ports/direction should be opened in FW for mcollective/rabbitmq/puppet.


TIA

1 ACCEPTED SOLUTION

Accepted Solutions

Go to solution
MuditPandey
Beginner
Beginner
In response to DavidMechsner

‎2014-12-09 11:11 AM

Then there would be some other reason why the ping is failing.

is there a time diff between SA and the device ?

View solution in original post

0 Likes
6 REPLIES 6

Go to solution
MuditPandey
Beginner
Beginner

‎2014-12-09 10:48 AM

Please do the following: "Open firewall ports 8140 and 61614 from all non-SA Appliances to SA Server appliance. You must open these ports so that the SA server can discover all your appliances and services."

0 Likes

Go to solution
DavidMechsner
Beginner
Beginner
In response to MuditPandey

‎2014-12-09 10:56 AM

These ports are already open.

 

192.168.0.100 is our puppetmaster.local (sa-server).

 

[root@LogDecoder ~]# curl -v telnet://192.168.0.100:8140

* About to connect() to 192.168.0.100 port 8140 (#0)

*   Trying 192.168.0.100... connected

* Connected to 192.168.0.100 (192.168.0.100) port 8140 (#0)

[root@LogDecoder ~]# curl -v telnet://192.168.0.100:61614

* About to connect() to 192.168.0.100 port 61614 (#0)

*   Trying 192.168.0.100... connected

* Connected to 192.168.0.100 (192.168.0.100) port 61614 (#0)


It seems that the server still requires different ports during discovering.

Go to solution
MuditPandey
Beginner
Beginner
In response to DavidMechsner

‎2014-12-09 11:11 AM

Then there would be some other reason why the ping is failing.

is there a time diff between SA and the device ?

0 Likes

Go to solution
DavidMechsner
Beginner
Beginner
In response to MuditPandey

‎2014-12-09 11:18 AM

There is 1 hour difference.

 

     [root@Decoder ~]# date

     Tue Dec  9 18:16:41 CET 2014

 

     [root@saserver ~]# date

     Tue Dec  9 17:16:44 CET 2014

0 Likes

Go to solution
DavidMechsner
Beginner
Beginner
In response to MuditPandey

‎2014-12-09 11:24 AM

After ntp sync, it works! thanks a lot

0 Likes

Go to solution
MuditPandey
Beginner
Beginner
In response to DavidMechsner

‎2014-12-09 10:07 PM

Great.

Puppet and mco are heavily dependent on time sync.

It would fail even if there is few minutes difference.

© 2022 RSA Security LLC or its affiliates. All rights reserved.