DLP Bootstrap failed when adding Network Controller in Enterprise Manager. Error connection to specified host timed-out
2 years ago
Originally Published: 2015-10-28
Article Number
000042765
Applies To
RSA Product Set: DLP
RSA Product/Service Type: Data Loss Prevention, Enterprise Manager, Network Controller
RSA Version/Condition: 9.6, 9.6 SP2
Platform: CentOS
O/S Version: EL6
Issue
Bootstrap error occurred when adding Network Controller failed on Enterprise Manager. 
Possible cause of the issue include:
  • Communication issue to the Network Controller (e.g. DNS resolution issue, network issues, port not accessible)
  • Due to time synchronization between the Enterprise Manager and the Network Controller
Error message 
Bootstrap failed: Connection to the specified host timed-out. Please check if the network controller is reachable.

Sample screenshot
User-added image
Cause
  • Communication issue to the Network Controller (e.g. DNS resolution issue, network issues, port not accessible)
  • Due to time synchronization between the Enterprise Manager and the Network Controller
Resolution
Important Note: Ensure that time is synchronized across Network Controller and all the DLP Network components - Interceptor, Sensor and ICAP server
  1. Communication issue
  • Check and ensure the DNS can resolve the FQDN of the Network Controller
  • And ensure appropriate FQDN is configured when adding to Enterprise Manager
  • Ensure the port usage require are checked - Refer to DLP Network Deployment Guide for Port Usage
  1. Time synchronization issue
  • Log on to the Network Controller using tablus account
  • Adjust the time  by either configure NTP server (if available) or manually adjust the clock from tabmenu
  1. Using NTP:
From the tabmenu
Select 5) Configure  
Select 3) Set timezone, clock, and timeserver​  
Select 3) Configure ntp timeserver
Then select 1) Configure ntp timeserver
Follow the prompt to complete the ntp time server settings
  1. Manual adjust the clock:
From the tabmenu 
Select 5) Configure  
Select 3) Set timezone, clock, and timeserver​  
Then select 2) Manually set the clock
Follow the prompt to complete the manual clock settings
  • In Enterprise Manager, re-add the Network Controller to the DLP Network configuration.
  • Successful boostrap will show the following message
Connection verified. Now initializing controller. This may take a few minutes. Please wait.

Sample screenshot
User-added image
  • Should the certificate become invalid due to the time adjustments, please refer to the RSA DLP 9.6 Maintenance Guide for the certificate regeneration procedure

Related Articles

Trending Articles

Don't see what you're looking for?