Skip to main content
NetApp Knowledge Base

Prolion Cryptospike disconnects and reconnects every 5 minutes

  1. Last updated
  2. Save as PDF
Views:
217
Visibility:
Public
Votes:
0
Category:
ontap-9
Specialty:
nas
Last Updated:

Applies to

  • ONTAP 9.15.1 and above
  • CIFS
  • FPolicy
  • Prolion Cryptospike

Issue

  • The Prolion Cryptospike FPolicy servers are disconnecting and reconnecting once every 5 minutes
  • ONTAP EMS log shows the FPolicy server disconnecting and reconnecting

Thu Apr 03 12:44:10 +0200 [node1: fpolicy: fpolicy.server.disconnect:error]: Connection to the FPolicy server "xx.xxx.xxx.203" of policy "Prolion_CS_POLICY_ACTIVE_cifs" is broken for Vserver svm1 ( reason: "FPolicy server is removed from external engine." ).
 

Thu Apr 03 12:44:19 +0200 [node1: fpolicy: fpolicy.server.connect:notice]: Control channel with the FPolicy server "xx.xxx.xxx.203" of policy "Prolion_CS_POLICY_ACTIVE_cifs" is established for Vserver svm1.

Thu Apr 03 12:49:12 +0200 [node1: fpolicy: fpolicy.server.disconnect:error]: Connection to the FPolicy server "xx.xxx.xxx.203" of policy "Prolion_CS_POLICY_ACTIVE_cifs" is broken for Vserver svm1 ( reason: "FPolicy server is removed from external engine." ).
 

Thu Apr 03 12:49:24 +0200 [node1: fpolicy: fpolicy.server.connect:notice]: Control channel with the FPolicy server "xx.xxx.xxx.203" of policy "Prolion_CS_POLICY_ACTIVE_cifs" is established for Vserver svm1.

  • For same events we find in the audit log that Cryptospike servers are disabling the FPolicy policy and re-enabling shortly after

00000022.004f9f73 0105efeb Thu Apr 03 2025 12:44:10 +02:00 [kern_audit:info:3728] 8503ea00001be874 :: xx-x:http :: xx.xxx.xxx.203:50320 :: xx-x:cryptospikev3 :: PATCH /api/protocols/fpolicy/<vserver-uuid>/policies/Prolion_CS_POLICY_ACTIVE_cifs : {"enabled":false,"mandatory":false} :: Pending 
 

00000022.004f9fd1 0105f02a Thu Apr 03 2025 12:44:17 +02:00 [kern_audit:info:3728] 8503ea00001be876 :: xx-x:http :: xx.xxx.xxx.203:56880 :: xx-x:cryptospikev3 :: PATCH /api/protocols/fpolicy/<vserver-uuid>/policies/Prolion_CS_POLICY_ACTIVE_cifs : {"enabled":true,"mandatory":false,"priority":1} :: Pending 
 

00000022.004fa3ab 0105fbb6 Thu Apr 03 2025 12:49:12 +02:00 [kern_audit:info:3728] 8503ea00001be9f8 :: xx-x:http :: xx.xxx.xxx.203:39884 :: xx-x:cryptospikev3 :: PATCH /api/protocols/fpolicy/<vserver-uuid>/policies/Prolion_CS_POLICY_ACTIVE_cifs : {"enabled":false,"mandatory":false} :: Pending 
 

00000022.004fa3f7 0105fc1d Thu Apr 03 2025 12:49:22 +02:00 [kern_audit:info:3728] 8503ea00001be9fa :: xx-x:http :: xx.xxx.xxx.203:52866 :: xx-x:cryptospikev3 :: PATCH /api/protocols/fpolicy/<vserver-uuid>/policies/Prolion_CS_POLICY_ACTIVE_cifs : {"enabled":true,"mandatory":false,"priority":1} :: Pending 
 

Sign in to view the entire content of this KB article.

New to NetApp?

Learn more about our award-winning Support

NetApp provides no representations or warranties regarding the accuracy or reliability or serviceability of any information or recommendations provided in this publication or with respect to any results that may be obtained by the use of the information or observance of any recommendations provided herein. The information in this document is distributed AS IS and the use of this information or the implementation of any recommendations or techniques herein is a customer's responsibility and depends on the customer's ability to evaluate and integrate them into the customer's operational environment. This document and the information contained herein may be used solely in connection with the NetApp products discussed in this document.