I am trying to learn how to manage SSL VPN from NSM. I am running NSM 2008-2r1 and SSL 6.3R3. I followed the documentation but the DMI agent in SSL never makes a good connection. The log shows the agent connected and then connection lost. The NSM box shows that the SSL Box has never made the first connection.
Any suggestions as to how to troubleshoot this would be greatly appreciated.
Solved! Go to Solution.
I'm not sure what the issue is, but I would check or try the following:
If this approach fails or you run into an issue, let me know. I vaguely remember having an issue with one of our four boxes, but I just ripped everything out and went through the above. I hope this helps.
Attempted to follow the steps listed, but I'm getting my log filled with:
2009-09-10 13:30:16 ive [127.0.0.1] System() - Outbound DMI Agent failed to connect to host: X.X.X.X, port: 7804.
I ran tcpdump on both the internal and port 1 interfaces and cannot see a single attempt to contact the NSM. Does this only work over the management interface?
Nope - it works just fine on the internal interface - actually does not work on the external. I run against an SA2000 with no management I/F. This is a "duh" thing but that message obviously means that the boxes aren't talking. I am out of the office with no access to logs or my notes on configuring this stuff.
Have you done the obvious and validated communication from a ping perspective between the two boxes? Validated that the password you use on the SA matches the one you setup on NSM for 1st communications?