ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

Non-TLS Agent not connecting to second TLS Gateway

book

Article ID: 241282

calendar_today

Updated On:

Products

CA Automic Workload Automation - Automation Engine

Issue/Introduction

We are working on enabling TLS Gateway for our non-TLS Agents.

We have configured two TLS Gateways on two different servers and enabled the CP function.

When using telnet to connect to each answers

> telnet <server1> 2220
Trying 10.20.40.30...
Connected to <server1>
Escape character is '^]'.
00000207UC4:global001NAT A0000151UCTLSGTW.1 AUTOMIC 21...CP 0001<server1>:2220;<server2>:2220^

It responds with the two defined TLS Gateway CP ports.

The agent is configured to connect to :

cp=<server1>:2220

... and upon start, it takes notice of the other TLS Gateway as well:

20220408/111923.573 -          (CP_LIST)                            
20220408/111923.573 -          2220=<server2>

However, after stopping one of the TLS Gateways:

  • The agent disconnects from the Automation Engine and doesn't try to reconnect via the second TLS gateway
  • Even after restarting the Agent, it fails to connect

Cause

The cp_port defined for each TLS Gateway has to be unique in the entire environment because the port is the used as the key.

cp_port=2220 together with 2220=<server2> in the CP list is not understood by the Agent. 

Environment

Release : 21.0

Component : TLS gateway

Resolution

All values of cp_port of all TLS gateways have to be unique within one system.