000031600 - DLP Bootstrap failed when adding Network Controller in Enterprise Manager. Error connection to specified host timed-out

Document created by RSA Customer Support Employee on Jun 14, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 3Show Document
  • View in full screen mode

Article Content

Article Number000031600
Applies ToRSA Product Set: DLP
RSA Product/Service Type: Data Loss Prevention, Enterprise Manager, Network Controller
RSA Version/Condition: 9.6, 9.6 SP2
Platform: CentOS
O/S Version: EL6
IssueBootstrap error occurred when adding Network Controller failed on Enterprise Manager. 
Possible cause of the issue include:
  • Communication issue to the Network Controller (e.g. DNS resolution issue, network issues, port not accessible)
  • Due to time synchronization between the Enterprise Manager and the Network Controller
Error message
Bootstrap failed: Connection to the specified host timed-out. Please check if the network controller is reachable.

Sample screenshot
User-added image
Cause
  • Communication issue to the Network Controller (e.g. DNS resolution issue, network issues, port not accessible)
  • Due to time synchronization between the Enterprise Manager and the Network Controller
ResolutionImportant Note: Ensure that time is synchronized across Network Controller and all the DLP Network components - Interceptor, Sensor and ICAP server
  1. Communication issue
  • Check and ensure the DNS can resolve the FQDN of the Network Controller
  • And ensure appropriate FQDN is configured when adding to Enterprise Manager
  • Ensure the port usage require are checked - Refer to DLP Network Deployment Guide for Port Usage
  1. Time synchronization issue
  • Log on to the Network Controller using tablus account
  • Adjust the time  by either configure NTP server (if available) or manually adjust the clock from tabmenu
  1. Using NTP:
From the tabmenu
Select 5) Configure  
Select 3) Set timezone, clock, and timeserver  
Select 3) Configure ntp timeserver

Then select 1) Configure ntp timeserver
Follow the prompt to complete the ntp time server settings

  1. Manual adjust the clock:
From the tabmenu 
Select 5) Configure  

Select 3) Set timezone, clock, and timeserver  
Then select 2) Manually set the clock
Follow the prompt to complete the manual clock settings

  • In Enterprise Manager, re-add the Network Controller to the DLP Network configuration.
  • Successful boostrap will show the following message

Connection verified. Now initializing controller. This may take a few minutes. Please wait.

Sample screenshot

User-added image

  • Should the certificate become invalid due to the time adjustments, please refer to the RSA DLP 9.6 Maintenance Guide for the certificate regeneration procedure

Attachments

    Outcomes