RSA WebAgent Troubles
I had the following problem with my RSA WebAgent:For secure remote access, I have a linux system, running the RSA WebAgent. After an Upgrade of the RSA ACE server, the web portal only responded with an error
106: The Web server is busy. Please try again later.
There was nothing busy about the web server, of course.
As I have a strong networking background, one of my standard trouble shooting methods is to have a look at the network traffic to see what's going on:
tcpdump -vvv -i eno16777984 port not 22 and not 443
(Your interface will have a different name, of course)
Apart from the usual DNS chatter which I didn't filter explicitly, there was no traffic from or to the machine. Especially not, when running
./acetest
Which returned a
AceInitialize failed
So the machine was not even trying to play ball :-(
There is not much of a debug function in RSA's command line tools, and a
strace ./acetest
showed that all dependencies were ok.
The solution
Then I set the environment variable to use TCPexport USEUDP_ENV_VAR=false
and got a much better chance of getting a response. (Not 100%, though)
With both the acestatus and the acetest utils running successfully, I still did not fully understand the problem, but could fix it.
1) reconfigure Apache
So I needed to modify the apache config to use TCP, rather than UDP:
In /etc/httpd/conf/httpd.conf (or wherever your apache config lies) add:
SetEnv USEUDP_ENV_VAR false
2) enable rpcbind
The other thing is, that it now seems to rely on a running rpcbind service, so rpcbind needs to be anabled and started.
To check if that is the case, run:
systemctl list-units --type=service --state=active
and see if you get a
rpcbind.service loaded active running RPC bind service
in the reply.
No comments:
Post a Comment