Repeated Fpolicy disconnects because certificate is missing
Applies to
- ONTAP 9
- Varonis
- Fpolicy
Issue
- Fpolicy server repeatedly disconnects from ONTAP
- AUDIT-MLOG repeatedly says
-
00000017.0432c441 1234656a Wed May 01 2024 07:55:02 -04:00 [kern_audit:info:2891] 8503ea0000e67c09 :: svm1:ontapi :: fpolicy_server_ip:55835 :: fpolicy_server_name:domain\username:: fpolicy-server-disconnect :: Success:
-
- EMS repeatedly says
-
Wed May 01 07:55:15 -0400 [svm1: fpolicy: fpolicy.server.disconnect:error]: Connection to the FPolicy server "fpolicy_server_ip" of policy "policy_name" is broken for Vserver svm1( reason: "FPolicy server is removed from external engine." ).
-
-
Varonis NetApp APITest Wrapper gets error:
can't connect to host (err=5)
- Packet trace shows that
- Fpolicy server sends
Client Hello
to negotiate TLS session - ONTAP responds with TCP
RST
- Fpolicy server sends