Error adding a Notification Server to the Gateway Manager with CEM

book

Article ID: 184218

calendar_today

Updated On:

Products

Management Platform (Formerly known as Notification Server)

Issue/Introduction

You are setting up Cloud-enabled Management (CEM) and tried to add the Notification Server (NS) to the list of servers on the Gateway Server using port 4726 and it fails. The Gateway reports the error: failed to contact the server.  You have checked the ports and validated that they are open between the servers however the NS is still not able to contact the Gateway Server.

Failed to contact server.

Cause

Certain firewall configurations, notably Palo Alto firewall devices, can block traffic between a NS and Gateway Server even if ports are open in the firewall settings. If the firewall is set to filter URL traffic, it can block URLs from the Gateway Server. A good test to determine if this is the case is to open IE and navigate to:

https://<SMP Server Name FQDN>.com:443

This should display the default IIS7 "welcome" image. If the image does not display, this is a good indicator that URL traffic is being blocked.

Note: When navigating to https://<SMP Server Name FQDN>.com:443 you will need to replace <SMP Server Name FQDN> with the name of the server hosting the Symantec Management Platform, this should also be the server name in the SSL certificate which is bound to the default website in IIS.

Resolution

Create a rule on the Palo Alto firewall device to allow URLs for the NS to pass through.

 

 

Applies To

 

 

 

 

ITMS 7.5 SP1 HF5