Name or service not known error when connecting Identity Router (IDR) to RSA Authentication Manager
Originally Published: 2019-11-20
Article Number
Applies To
RSA Product/Service Type: Identity Router
Issue
2019-11-08/16:29:28.607/UTC [pool-4-thread-11] ERROR com.rsa.authagent.authapi.v8.logger.b[?] - the current host is unknownde-sal-v-rir001: de-sal-v-rir001: Name or service not knownIDRHOSTNAME: IDRHOSTNAME: Name or service not known
2019-11-08/16:29:28.607/UTC [pool-4-thread-11] ERROR com.rsa.nga.sidproxy.SidAuthentication[265] - Failed to verify session factory
com.rsa.authagent.authapi.AuthAgentException: com.rsa.authagent.authapi.AuthAgentException: the current host is unknownIDRHOSTNAME: IDRHOSTNAME: Name or service not knowndIDRHOSTNAME: IDRHOSTNAME: Name or service not known
2019-11-08/16:29:28.607/UTC [pool-4-thread-11] ERROR com.rsa.nga.sidproxy.SidAuthentication[265] - Failed to verify session factory
com.rsa.authagent.authapi.AuthAgentException: com.rsa.authagent.authapi.AuthAgentException: the current host is unknownIDRHOSTNAME: IDRHOSTNAME: Name or service not knowndIDRHOSTNAME: IDRHOSTNAME: Name or service not known
Where, IDRHOSTNAME is the portal hostname of the IDR defined in step 8 of Add an Identity Router using the Cloud Administration Console.
Cause
Note: the Identity Router's portal hostname FQDN can be viewed in either of two places:
- In the Cloud Administration Console Platform > Identity Routers page, select Edit on the Identity Router. The FQDN is in the Portal Hostname field.
- In the Identity Router's Setup Console, on the Network Settings page, under Protected Application Configuration. The FQDN is in the Identity Router HostName field.
Resolution
- If the IDR has two NICs:
- Add a static DNS entry that maps the IDR's portal hostname to its portal interface IP address. Include both the portal hostname FQDN and shortname (separated by a space) as the alias value. See step 14 of Add an Identity Router using the Cloud Administration Console.
- If the IDR has a single NIC:
- Add a static DNS entry that maps the IDR's portal hostname to its interface IP address. Include both the portal hostname FQDN and shortname (separated by a space) as the alias value.
- If the IDR has two NICs, use its own portal interface's IP address.
- If the IDR has a single NIC, use its own management interface's IP address.
Notes
- See also Identity Router DNS Requirements.
- The portal interface of the IDR is also known as the proxy interface of the IDR.
Related Articles
RSA Authentication Manager stuck at startup after configuring Embedded IDR Number of Views How to upgrade an RSA SecurID Access IDR Number of Views Clarification on RSA Identity Router (IDR) Upgrade Notification (12.22.0.0.37) Number of Views What to expect during an RSA SecurID Access Identity Router (IDR)/Cluster software update Number of Views Failed to deploy RSA IDR - VMware "Error updating httpd.conf" Number of Views
Trending Articles
RSA Authentication Manager Upgrade Process RSA Release Notes for RSA Authentication Manager 8.8 RSA RADIUS Server service failed to start in the RSA Authentication Manager 8.1 Operations Console Microsoft Entra ID External MFA - Relying Party Configuration Using OIDC - RSA Ready Implementation Guide RSA Release Notes: Cloud Access Service and RSA Authenticators
Don't see what you're looking for?
