Active IQ Unified Manager Discussions

Wrong interface chosen for HA pair

jbartlett
4,753 Views

I have a NetApp FAS3140HA which I wish to manage via System Manager 2.0R1 (I previously used System Manager 1.1). For security, I restrict HTTPS management to the e0M interface, rather than allowing access through the "client" interfaces. However, when I try to add a controller to System Manager and enter the e0M interface IP address, it auto-discovers the partner node via the "client" interface (which is a VIF). As a result, I cannot log in due to the expected error of "HTTPS access denied due to the value of http.admin.access". I want to add just the e0M interfaces. Is this possible?

1 ACCEPTED SOLUTION

jbartlett
4,753 Views

There is a workaround, although I still am annoyed that NetApp does not seem to be acting on this issue. They must think it is crazy to want to isolate management traffic to a management network….

I got around it by adding entries to my local hosts file on the management server. You have to substitute the management IP for the filer’s main IP. For example, if your first controller is “filer01” and the primary data interface is 192.168.1.2, but the management IP is 192.168.2.5, then you need an entry that says:

192.168.2.5 filer01

Likewise for the second controller. When you manually point System Manager to the first controller and it auto-discovers the partner controller, it will get the mgmt IP from your hosts file. This may impair CIFS/NFS access from the management host, depending on your setup and network location, but it worked fine for us.

Jim

View solution in original post

4 REPLIES 4

jbartlett
4,753 Views

FYI, looks like a bug. I submitted to support, had a WebEx session and it is being investigated.

HACI_JPRIDDY
4,753 Views

Did you ever get resolution to this issue?  We have our HA pair configured the same way, and are having the same problem with the latest version of System Manager.

jbartlett
4,754 Views

There is a workaround, although I still am annoyed that NetApp does not seem to be acting on this issue. They must think it is crazy to want to isolate management traffic to a management network….

I got around it by adding entries to my local hosts file on the management server. You have to substitute the management IP for the filer’s main IP. For example, if your first controller is “filer01” and the primary data interface is 192.168.1.2, but the management IP is 192.168.2.5, then you need an entry that says:

192.168.2.5 filer01

Likewise for the second controller. When you manually point System Manager to the first controller and it auto-discovers the partner controller, it will get the mgmt IP from your hosts file. This may impair CIFS/NFS access from the management host, depending on your setup and network location, but it worked fine for us.

Jim

HACI_JPRIDDY
4,753 Views

Yeah, I just found that in the latest Release Notes.  I agree, that a workaround changing the way the name is resolved is not an acceptable workaround, considering that is the host on which all the CIFS shares that I use are located. 

Public