FRS and WRS Failing while using IPv6
search cancel

FRS and WRS Failing while using IPv6

book

Article ID: 367582

calendar_today

Updated On:

Products

Security Analytics

Issue/Introduction

The FRS and WRS features in Security Analytics are not configured to use IPv6 by default. The Health Tests for WRS will fail if the system does not have IPv4.

Environment

Release 8.2.8

Cause

The configuration is hardcoded to IPv4 and must be overriden to allow IPv6

Resolution

Update /etc/tonic.d/bcwf.conf and /etc/tonic.d/webpulse.conf and set override to true so that the system will use IPv6.

  1. Log in to the CLI as root
  2. vi /etc/tonic.d/bcwf.conf
  3. Locate the "http" section and change "ocsp" from "true" to "false"
  4. Change "override" from "false" to "true"
  5. Save the changes.
  6. vi /etc/tonic.d/webpulse.conf
  7. Locate the "http" section and change "ocsp" from "true" to "false"
  8. Change "override" from "false to true"
  9. Save the changes.
  10. Restart all services:  scotus stop and after that finishes, run scotus start

Also, the following domains must be allowed on your firewall for Security Analytics to reach these services:

ent-shasta-rrs.symantec.com
liveupdate.symantec.com
shasta-clt.symantec.com
subscription-ipv6.es.bluecoat.com
webpulse-ipv6.es.bluecoat.com

Powered by Wolken Software