Advisory: Sophos Endpoint - "Your connection isn't private." We're aware of a certificate issue and are actively working to resolve it. Please see: KB-000045954 for the latest updates.

HA-Cluster configuration fails, Aux not ready

Hi all,

I installed two brand new XGS4500 with 19.5 EAP1, did the initial license sync (base license) and was trying to build HA. Used two HA links for this, quick ha mode and initiated on both firewalls HA. (active-passive) Unfortunately the Aux device will not become ready. I rebooted the Aux device already, but that didn't do the trick. Display is showing "Auxiliary" without any errors.

On the primary node I can see in ha_pair.log the following error

{ "status": "544", "statusmessage": "configure SSH failed" }
sleeping...
...done
{ "status": "544", "statusmessage": "configure SSH failed" }
sleeping...
...done
{ "status": "544", "statusmessage": "configure SSH failed" }
sleeping...
...done
{ "statusmessage": "configure SSH failed", "status": "544" }
sleeping...

Is there anything else I can check what the problem is? Anything to recover the Auxiliary or shall I disable / enable HA again?

aux is accessible via CLI, this is the output of ctsyncd.log

[2022-10-18 12:01:54Z] (pid=13135) [warning] deprecated nice configuration, ignoring. The nice value can be set externally with nice(1) and renice(1).
[2022-10-18 12:01:54Z] (pid=13135) [warning] deprecated unix backlog configuration, ignoring.
[2022-10-18 12:01:54Z] (pid=13135) [ERROR] can't connect: is conntrackd running? appropriate permissions?
[2022-10-18 12:02:27Z] (pid=4809) [notice] using user-space event filtering
[2022-10-18 12:02:27Z] (pid=4809) [notice] netlink event socket buffer size has been set to 4194304 bytes
[2022-10-18 12:02:27Z] (pid=4809) [notice] initialization completed
[2022-10-18 12:02:27Z] (pid=4812) [notice] binded on cpu 0
[2022-10-18 12:02:27Z] (pid=4812) [notice] -- starting in daemon mode --
[2022-10-18 12:02:27Z] (pid=4812) [notice] resync requested
[2022-10-18 12:02:31Z] (pid=4812) [ERROR] no dedicated links available!
[2022-10-18 12:02:33Z] (pid=4812) [ERROR] no dedicated links available!
[2022-10-18 12:02:34Z] (pid=4812) [ERROR] no dedicated links available!
[2022-10-18 12:02:34Z] (pid=4812) [ERROR] no dedicated links available!
[2022-10-18 12:42:18Z] (pid=30615) [warning] deprecated nice configuration, ignoring. The nice value can be set externally with nice(1) and renice(1).
[2022-10-18 12:42:18Z] (pid=30615) [warning] deprecated unix backlog configuration, ignoring.
[2022-10-18 12:42:18Z] (pid=4812) [notice] ---- shutdown received ----
[2022-10-18 12:47:48Z] (pid=4794) [notice] using user-space event filtering
[2022-10-18 12:47:48Z] (pid=4794) [notice] netlink event socket buffer size has been set to 4194304 bytes
[2022-10-18 12:47:48Z] (pid=4794) [notice] initialization completed
[2022-10-18 12:47:48Z] (pid=4798) [notice] binded on cpu 0
[2022-10-18 12:47:48Z] (pid=4798) [notice] -- starting in daemon mode --
[2022-10-18 12:47:48Z] (pid=4798) [notice] resync requested
[2022-10-18 12:47:52Z] (pid=4798) [ERROR] no dedicated links available!
[2022-10-18 12:47:52Z] (pid=4798) [ERROR] no dedicated links available!
[2022-10-18 12:47:54Z] (pid=4798) [ERROR] no dedicated links available!
[2022-10-18 12:47:54Z] (pid=4798) [ERROR] no dedicated links available!
[2022-10-18 12:47:54Z] (pid=4798) [ERROR] no dedicated links available!


ha_pair.log is empty, so is ha_tunnel.log



more logs from aux device
[edited by: Ale1007 at 1:45 PM (GMT -7) on 17 Oct 2022]
Parents Reply Children
No Data