2 Replies Latest reply on Jul 29, 2011 8:22 AM by boubakar

    Problem with an agent installation with NAT address

    boubakar
    boubakar Jul 27, 2011 4:14 AM

      Hello,

       

      We tried to integrate a RHQ agent in an AIX server, it's not our first AIX agent.

       

      The difference is that our current AIX server is behind a firewall, we've configured the firewall in order to allow the 2 streams : agent ==> server:7080, et the agent:16163 ==> server.

       

      Our server has 2 network interfaces, one for the intern access(internal_server.mlydns), and the other for the external access((external_server.mlydns). The external interface has 2 adress, one private adress, and an other public adress (NAT).

       

      When we configured the agent, we put for the property" Agent Hostname or IP Address [!*]" the public name (external_server.mlydns). We've configured this name manualy in the /etc/hosts of the RHQ server, because we don't share the same DNS server.

       

      We've 2 cases :

       

      1 - When we entered external_server.mlydns in the agent config, we've :

       

      he setup has been completed for the preferences at node [/rhq-agent/default].

      The server has rejected the agent registration request. Cause: [org.rhq.core.clientapi.server.core.AgentRegistrationException:Server cannot ping the agent's endpoint. The agent's endpoint is probably invalid or there is a firewall preventing the server from connecting to the agent. Endpoint: socket://external_server.mlydns:16163/?rhq.communications.connector.rhqtype=agent&numAcceptThreads=1 &maxPoolSize=303&clientMaxPoolSize=304& socketTimeout=60000&enableTcpNoDelay=true&backlog=200]

      Will retry the agent registration request soon...

       

      The problem that we try the command :

       

      netstat -an | grep 16163

       

      We don't have an agent listening in the port 16163.

       

      2 - When we entered internal_server.mlydns in the agent config, and we changed the conf in the /etc/hosts for mapping "internal_server.mlydns" to the public adress of my AIX host, i've the same problem :

       

      The server has rejected the agent registration request. Cause: [org.rhq.core.clientapi.server.core.AgentRegistrationException:Server cannot ping the agent's endpoint.

      The agent's endpoint is probably invalid or there is a firewall preventing the server from connecting to the agent. Endpoint: socket://external_server.mydns:16163/ rhq.communications.connector.rhqtype=agent&

      numAcceptThreads=1&maxPoolSize=303&clientMaxPoolSize=304&socketTimeout=60000&enableTcpNoDelay=true&backlog=200]

      The agent cannot register with the server. Admin intervention needed!

       

      But in this case, when we try the command :

       

      netstat -an | grep 16163

       

      We've an agent listening in the port 16163.

       

      I've write a sample client/server in java between my RHQ server and my AIX host, the AIX host launch a server listening with the public name external_server.mydns and the client installed in the RHQ server, the communication is working verry fine.

       

      Is there any thing else to configure in the firewall level ?

       

      With kind regards

       

      Boubakar