The Secondary site(s) of a PAM multisite cluster fails to start
Article ID: 187911
Updated On:
Products
CA Privileged Access Manager (PAM)
Issue/Introduction
We get the following error messages when trying to start a multisite PAM Cluster:
PAM-CMN-5145 = ERROR: Cluster member {0} is unable to connect to the primary using address {1}.
PAM-CMN-5146 = Cluster member {0} is unable to connect to the primary using address {1}.
The messages report the nodes in the secondary sites are unable to connect to the VIP of the primary site.
However, the primary site's VIP can be successfully pinged from the secondary site's nodes.
Environment
Product: Layer 7 Privileged Access Manager.
Version: 4.1.X
Resolution
One of the likely cause for this problem to occur is a network problem related to the routing.
Check if tracing the route from the nodes in the secondary site to the primary site's VIP is successful.
Sometimes, even the primary site's VIP can be pinged, the traceroute fails.
Solving this condition with the network department, normally also solves the PAM cluster starting issue.
Check if tracing the route from the nodes in the secondary site to the primary site's VIP is successful.
Sometimes, even the primary site's VIP can be pinged, the traceroute fails.
Solving this condition with the network department, normally also solves the PAM cluster starting issue.
Feedback
Yes
No
Powered by
