Lieutenant Commander
Lieutenant Commander
371 views

DP10 Secure communication protocol negotiation error

I have a set of servers that for some reason give me a negotiation error when trying to backup to storeonce.

.

[Critical] From: BDA-NET@redacted "E: [New Volume]"  Time: 12/17/2017 1:02:23 PM
	Cannot connect to Media Agent on system redacted-server.domain port 119160 (Secure communication protocol negotiation error when trying to establish a connection.
Check the validity of certificates and their configuration.
) => aborting.

If we do a manual scan of the interface ,backup works fine as soon as we schedule it we get the error above.

we did try the following commands

 omnicc -secure_comm -configure_peer CellManager from the client and omnicc -secure_comm -configure_peer Client from the Cell Manager and then try to export and import the client again.

we can see it is just getting wrong rendomize sometimes no error next time error.

 

0 Likes
8 Replies
Micro Focus Expert
Micro Focus Expert

Hello @Dirk Verweij

The problem here refers to the connection between the DA and the MA. So what you need to run are these commands: 

  • From redacted: omnicc -secure_comm -configure_peer redacted-server.domain
  • From redacted-server.domain: omnicc -secure_comm -configure_peer redacted

Regards, 

Andres Fallas Salazar
Customer Support Engineer

If you find that this or any other post resolves your issue, please be sure to mark it as an accepted solution.
If you are satisfied with anyone’s response please remember to give them a LIKE by clicking on the bottom at the left of the post and show your appreciation.
0 Likes
Captain Captain
Captain

Dirk, 

how many sessions does the media agent perform while receiving data from clients?

We had a similar problem of connecting disk and media agents - there were no free TCP ports on the media agent.

We have Windows Based media agent host.

To solve the problem, we increased the number of available ports  (MaxUserPort) on the media agent and reduced time for  the port stay in state Delay (TcpTimedWaitDelay).

0 Likes
Lieutenant Commander
Lieutenant Commander

Hello,

 

thnxs for your reply, but as we mentioned we already run those commands. the first backup works fine as soon as we run a second one we get the same errors

0 Likes
Lieutenant Commander
Lieutenant Commander

Hello,



thnxs for your reply, but as we mentioned we already run those commands. the first backup works fine as soon as we run a second one we get the same errors
0 Likes
Micro Focus Expert
Micro Focus Expert

Hello @Dirk Verweij,

Can you please check if the omnirc OB2PORTRANGE and OB2PORTRANGESPEC is used on the client, Media Agent and/or Cell Manager. If this is the case and everything is DP 10.x, try removing it.

Regards,
Sebastian Koehler

---
Please use the Like button below, if you find this post useful.
0 Likes
Lieutenant Commander
Lieutenant Commander

hello we do have portspecific range if we run without the backup wont run

0 Likes
Micro Focus Expert
Micro Focus Expert

Hello @Dirk Verweij

You mentioned you run it from CM to client and from client to CM. But what I'm suggesting is from DA to MA and from MA to DA. Have you run that also? 

And about the suggestion from @Sebastian.Koehler, yes, is remove the variable. 
Since DP 9.09 all the data is transferred using the Inet port only, and there is no need to include more ports for the backups. 

Andres Fallas Salazar
Customer Support Engineer

If you find that this or any other post resolves your issue, please be sure to mark it as an accepted solution.
If you are satisfied with anyone’s response please remember to give them a LIKE by clicking on the bottom at the left of the post and show your appreciation.
0 Likes
Lieutenant Commander
Lieutenant Commander

we did remove the port ranges and all backups are running fine thnxs for that ,except those with the negatiation errors our server with this error has its own drive so the backup will run over fibre so ma and da are on the same server

0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.