This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

SGN center on vmware issuing tokens??

Hi all,

I want to use SGN 5.6 with Aladdin eTokens we already possess. My trial installation on a test machine worked (eventually; the manual is not all to clear).

After obtaining the licensed version I started to install this on a virtual Win2008R2 server on a VMware ESXi 4.1 host. Article 108133 says this should be okay; only there could be trouble when host does not support USB.

Esxi 4.1 host does support USB. I can read the token with the PKI Client 5.1; via a console session when the etoken is in an USB port on the host and via RDP session when the etoken is on the client.

However SGN Management Center does NOT find the token. Therefore I can not set the middleware module in the policy for machine settings. Therefore I can not virtualize the SGN MC.

Has anyone of you run into this and solved it (and please do not reply that I have to upgrade to latest version)??

Thanks

:42928


This thread was automatically locked due to age.

  • Ad_ministrator wrote:

    However SGN Management Center does NOT find the token.



    Does the article below help explain the issue at all?

    :42962

     - - - - - - - - - - - -

    Communities Moderator, SOPHOS
    Knowledge Base  |  @SophosSupport  |  Video tutorials
    Remember to like a post.  If a post (on a question thread) solves your question use the 'This helped me' link.

  • Yes, found this KB article and tried it. MC does not see any token slots and in the policy "machine settings" the field for the module name for the PKCS#11 module contains only 'not configured'. On the same machine eToken PKI Client 5.1SP1 is installed and that can see the token. 

    :43042
  • I have done a case history search on the symptoms you describe.  Based on this review it is either:

    • A problem with your license file (not something we can check through the forum).
    • The middleware must be installed on the Management Center device.  If yes, what version for what token?
    • The Safeguard Client and the Configuration package must be installed on the Management Console System that token initialization will go through.
    • A missed step in the configuration.

    From reading a few cases I've made a list of the key steps - review and consider if you have followed these.

    Note:  These steps have been translated from German so think about each one rather than follow directly.

    1. Create policies for the tokens, as described in the document linked - it's an old document but maybe useful as a general guide.  Read page 6 (section 3.1).
      Aladdin eToken usage in SafeGuard Enterprise.pdf
    2. Create a create a policy group for this.
    3. Create a configuration package that contains this policy group
    4. Log in with administrative rights in the Windows
    5. Install this configuration package on the MC computer
    6. Restart the computer after the installation
    7. Log into the Windows
    8. Launch the Management Center
    9. Check whether the slots are now displayed.

    To troubleshoot further (e.g., for a license issue) it would be best to raise a support ticket and provide (a) an SDU output file when opening it and (2) a link to this forum post (so the engineer can easily cross reference the advice so far).

    If one or more of the above steps helps please post back which ones.

    :43046

     - - - - - - - - - - - -

    Communities Moderator, SOPHOS
    Knowledge Base  |  @SophosSupport  |  Video tutorials
    Remember to like a post.  If a post (on a question thread) solves your question use the 'This helped me' link.

  • Hello Moderator,

    thanks for your reply.

    As stated earlier, I'm using Aladdin eToken Pro with eToken PKI Client 5.1SP1 as middleware. With this I have initialised the token on the vm.

    I've tried this manual once more with the same result. In the policy for machine settings I can NOT select the Aladdin eToken PKI Client; only possible choise is "not configured".

    As you suggested there might be something with the license, I opened the xml-file. This mentiones licenses for Management Center, Configuration Protection, Device Encryption and Data Exchange. Is the license for token-support not included?

    Regards

    Ad Ministrator

    :43127

  • ruckus wrote:

    To troubleshoot further (e.g., for a license issue) it would be best to raise a support ticket and provide (a) an SDU output file when opening it and (2) a link to this forum post (so the engineer can easily cross reference the advice so far).


    As previously suggested for a license problem can you open a ticket with an SDU output and also include the XML license file.  Support will be able to tell you for sure.

    :43137

     - - - - - - - - - - - -

    Communities Moderator, SOPHOS
    Knowledge Base  |  @SophosSupport  |  Video tutorials
    Remember to like a post.  If a post (on a question thread) solves your question use the 'This helped me' link.

  • Yes, It was the license file.

    I ordered licenses with token support but that was not included in the license file I received. A new license file will be issued. Hopefully I can conclude the installation then.

    :43159