Hi All,
Recently we encountered an interesting issue, and we are not able to identify the root cause.
We have recently rebuilt our problematic VAs. To test the connection from the cluster to the VAs, we have configured the VAs with all the necessary configuration according to the VA documentation in the SailPoint documentation portal.
We have a total of 4 VAs in our Production environment: 2 are hosted in one data center and the other 2 are hosted in another data center. The first 2 VAs (which are hosted in one data center) are working fine without any issues. But the 3rd and 4th VAs (which are hosted in a different data center) are not able to establish the connection with the cluster. We have checked logs, network configuration, and secure tunnel configuration.
- Network configuration
  - IP address - checked
  - DNS - checked
  - Gateway - checked
  - Network connection - checked (ping works fine)
- We are using the secure tunnel approach
  - Secure tunnel configuration (copying relevant SSL keys into the VA) - checked
  - Adding line “tunnetTraffic: true” to config.yaml file - checked
  - Able to connect to Amazon services and able to download images and updates
  - Able to connect to regional secure tunnel IP addresses
- Canal service is up and running, showing Healthy
Everything looks good, but still no connection.
Our hunch is that it has something to do with the fact that the 3rd and 4th VAs are hosted in different data centers. Something is restricting the connection between the Tenant and these 2 VAs. So our query is: which configuration should we check to identify this connection issue?
Thanks in advance.
Regards,
Ram