cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Beacon Remote Execution with different FQDN than nslookup

Good evening/afternoon for everyone.

Happy new year.

We did some debugging on the issue that prevents vCenter to be recovered, and it seems that the problem comes because the Dnslookup of the vCenter web interface returns a hostname that is different from the FQDN of the machine. Different shared resources on this server that also has an ILO (remote control) interface . Because of the web server redirect is not succeeding; it always redirects to FQDN and only works for the perfect FQDN , the remoteexecution from Beacon is not caching the 443 websso authentication as expected.

Setting the fqdn on the /etc/hosts has no effect as the nslookup talks only at DNS level.

There is any alternative to force the dnslookup resolution of the beacon to overwrite a hostname with another?. Any additional suggestion?.

 

Many thanks, Kind regards.

(2) Solutions
mfranz
By Level 17 Champion
Level 17 Champion

Hi,

Have you tested esxquery (https://community.flexera.com/t5/FlexNet-Manager-Knowledge-Base/VMware-Stand-alone-Inventory-Agent-for-FlexNet-Manager-Suite/ta-p/114055)? I am not sure if it will behave differently in this specific case, but it does sometimes help where the Beacon fails due to ICMP being blocked.

Regarding ILO, shouldn't that be a dedicated network port connected to a dedicated management network?

Do you get a specific error message?

Best regards,

Markward

View solution in original post

Sounds like they need to clean up their DNS or network configuration.

View solution in original post

(3) Replies
mfranz
By Level 17 Champion
Level 17 Champion

Hi,

Have you tested esxquery (https://community.flexera.com/t5/FlexNet-Manager-Knowledge-Base/VMware-Stand-alone-Inventory-Agent-for-FlexNet-Manager-Suite/ta-p/114055)? I am not sure if it will behave differently in this specific case, but it does sometimes help where the Beacon fails due to ICMP being blocked.

Regarding ILO, shouldn't that be a dedicated network port connected to a dedicated management network?

Do you get a specific error message?

Best regards,

Markward

Hi, good evening/afternoon.

 

Thanks for your effort, the ICMP ping is succeding either with the IP address, or the DNS name. Also the 443 standard ssl port is accessible by IP address  or dns name. The problem comes because the customer has an ILO on that machine, and the first DNSlookup response from the IP is coming back for the other service name, not either the hostname.

The certificate validations on the https server of the vCenter are that strict, that only allow connections from one strict FQDN, the one that is not returned from DNS, and here there are multiple entries for the IP.

 

Thanks for the suggestion. Take care.

Sounds like they need to clean up their DNS or network configuration.