Infoblox’s global team of threat hunters uncovers a DNS operation with the ability to bypass traditional security measures and control the Great Firewall of China. Read about “Muddling Meerkat” and the many other threat actors discovered by Infoblox Threat Intel here.

NIOS DNS DHCP IPAM

Reply

Can't access web interface after HA setup

Techie
Posts: 11
387     0

I'm trying, without any luck, to configure a freshly wiped IB appliance for HA mode. I have two IBs, and ultimately want them in a HA pair. On the first IB I reset the config, went in via the web and setup the 5 IPs for the HA pair. The IB then rebooted, but now I'm totally unable to access the web interface via ANY IP address.

 

I went in via serial/SSH and did a 'show network'. It shows a VIP of 10.3.2.12, and local IPv4 address of 10.13.2.13. And it shows as master of Infoblox Grid. However, as I said, neither IP respond via the browser. I did enable the remote console, and that responds on the .13 address. 

 

I've done this three time (config reset, re-IP, etc.) all with the same results. What's going on? 

Re: Can't access web interface after HA setup

New Member
Posts: 2
387     0

Hippo,

 

Did this happen on a virtual machine?

Re: Can't access web interface after HA setup

New Member
Posts: 2
387     0

I ran in to this as well and just got off a call.  If it's a virtual machine check this doc:  https://docs.infoblox.com/display/nios86/About+HA+Pairs

 

specifically, this part:

"When you deploy a vNIOS HA pair, ensure that the port connection allows for more than one MAC address per vNIC. For example, if you deploy a vNIOS HA pair in VMware vSphere, the port-profile to which the vNIOS HA and LAN ports connect should allow for more than one MAC address per vNIC. You can do this by changing the security settings of the port-group to accept "MAC address changes" and "Forged transmits," as illustrated in the following figure."

 

I had to set those two settings on the port group in vmware and I was able to once again access the GUI on a virtual appliance and proceed with the HA setup.   

Re: Can't access web interface after HA setup

New Member
Posts: 1
387     0

I had this issue and had to change the security settings as mentioned, however this setting could only be changed temporarily as it is an overall (network) security issue at our company. I will have to jump through some hoops to get an exception for this. My configuration is for a non production test environment, so it's not a show stopper but it is possible that we will migrate in the future. My question is how do other companies get around this if it is a security issue? I have to believe there are companies out there that use HA in a VM environment.

Showing results for 
Search instead for 
Did you mean: 

Recommended for You