跳转到主内容

由于代理服务器防火墙设置、ONTAP SVM的工作负载安全配置失败

  1. 最后更新
  2. 另存为PDF
Views:
2
Visibility:
Public
Votes:
0
Category:
cloud-insights
Specialty:
bluexp
Last Updated:

适用场景

  • ONTAP 9.x
  • 工作负载安全性(WS)
  • rHEL/CentOS工作负载安全代理

问题描述

  • 在WS中通过集群IP将ONTAP SVM添加为数据收集器失败
  • 工作负载安全代理和ONTAP可以位于同一子网中、并且不会 在它们之间配置任何外部防火墙
  • 如果 存在外部防火墙、则 我需要在防火墙中打开哪些端口才能使Cloud Insights工作负载安全性与ONTAP进行通信 允许使用所需端口、并且防火墙日志会显示流量
  • GUI出错: Connector is in error state. Service.name: audit. Reason for failure: External fpolicy server terminated
  • FPOLICY-MLOG-TXT.GZ :

 [kern_fpolicy:error:7503] LIF_availability_check call Failed with error[-1]. [0x0x807e78a00] src/fsm/fsm_external_engine.cc:5139
 [kern_fpolicy:error:7503] Establish TCP connection returned error.[0x0x807e78a00] src/fsm/fsm_external_engine.cc:5042
 [virtual smdb_error fpolicy_appcfg_server_status_db_iterator::notify_imp(smdb_cdb_iterator::operation)] operation: [modify], policy: [3]

  • EMS-LOG-FILE.GZ:

Sun Feb 12 23:53:45 +0200 [<node_name>]: fpolicy: fpolicy.server.connectError:error]: Node failed to establish a connection with the FPolicy server "<CS_Agent IP>" (reason: "TCP Connection to FPolicy server failed.").

 

Sign in to view the entire content of this KB article.

New to NetApp?

Learn more about our award-winning Support

NetApp provides no representations or warranties regarding the accuracy or reliability or serviceability of any information or recommendations provided in this publication or with respect to any results that may be obtained by the use of the information or observance of any recommendations provided herein. The information in this document is distributed AS IS and the use of this information or the implementation of any recommendations or techniques herein is a customer's responsibility and depends on the customer's ability to evaluate and integrate them into the customer's operational environment. This document and the information contained herein may be used solely in connection with the NetApp products discussed in this document.