Manualsbrain.com
  1. Manuals
  2. Brands
  3. Black Box
  4. ET0010A
  5. User Manual

Black Box ET0010A User Manual

Download
Page of 352
ETPM and ETKMS Troubleshooting
240
EncrypTight User Guide
Status Errors
Renew Key Errors
Symptom
Explanation and possible solutions
ETEMS cannot verify that the 
software version installed on the 
ETKMS matches the version 
selected in the Appliance Manager.
In the Appliance Manager in ETEMS, when you refresh status 
for a ETKMS, the ETKMS does not return information 
regarding the version of the ETKMS software that is running 
on the ETKMS.
Log in directly to the ETKMS or use an SSH client to log in 
remotely, and type the following command:
rpm -qi etkms
Cannot refresh the status of a new 
ETKMS in ETEMS. 
Deploy policies from ETPM, and then refresh the status of the 
ETKMS.
ETPM reports that the policy 
deployment was successful, but all 
of the PEPs are marked with the   
indicator and did not get the policy.
Make sure that you entered the correct name for the ETKMS 
in the ETEMS Appliance Manager. This error is recorded in 
the application log and in the kdist.log file on the ETKMS. A 
mismatch between the name displayed in the Appliance 
Manager and the actual name of the ETKMS can cause 
communication failures between the ETKMS and the PEPs.
After adding a PEP in the Appliance 
Manager and pushing the 
configuration to the PEP, the status 
shown in the PEP tab in ETPM is 
not correct and indicates a 
After adding a new PEP in the Appliance Manager and viewing 
the incorrect PEP status in ETPM, switch to the Appliance 
Manager and then switch back to ETPM. The status indicator 
for the new PEP should be correct.
The Renew Keys operation does not 
indicate success or failure for 
backup ETKMSs. 
Click Refresh Status in ETPM and verify that the backup 
ETKMS is providing coverage and reporting status. 
If you add a PEP to an existing 
policy and do not immediately 
redeploy the policy, but later refresh 
the status or renew keys, the policy 
will be marked with the red 
exclamation mark  . 
The   indicator is typically used to indicate communication 
errors. In this case the policy does not yet exist on the PEP 
and cannot be rekeyed or refreshed. 
Symptom
Explanation and possible solutions
The PEP CLI is unavailable during a 
deployment or rekey.
Large policy deployments or rekeys can prevent access to the 
command line interface (CLI) of a PEP while the PEP is 
processing the current operation. Automatic network 
management system polling during this period can result in an 
incorrect report that the PEP is out of service. Wait a few 
minutes for the current operation to complete, and then retry.
A Renew Keys operation fails for a 
specific ETKMS and ETPM displays 
the following message:
Renew keys operation status
The Renew keys operation failed for 
the following ETKMSs <list of 
ETKMS IP addresses that failed>
This message appears when the ETKMSs listed in the error 
message could not be reached during a Renew Keys 
operation. The Renew keys operation was successful for all 
other ETKMSs.
To ensure that all PEPs received policies and keys, check the 
status indicator in the Policy View of the ETPM for all PEPs. If 
the status shows a   indicator, the PEPs received the 
appropriate keys; otherwise, the PEPs may not have received 
one or more keys and immediate action is required to prevent 
network interruption.