Recently upgraded virtualization platform, upgraded from ESXI5.0 to ESXI6.0.0 Update1 with Windows vCenter5.1 migration to VCSA6.0, view 5.1 upgrade to Horzion view 6.1, antivirus system upgrade, VShield Manager upgrade and so on, the process also encountered a lot of problems, and gradually resolved, in this share to everyone, hope for the follow-up of the upgrade has helped;
Error message:
1. Show VShield Endpoint Host status as shown in:
650) this.width=650; "title=" wps1670.tmp "style=" border-right-width:0px;background-image:none;border-bottom-width : 0px;padding-top:0px;padding-left:0px;margin:0px;padding-right:0px;border-top-width:0px; "border=" 0 "alt=" Wps1670.tmp "src=" http://s3.51cto.com/wyfs02/M02/79/48/wKiom1aNtAzgLFNWAAA2DCJhy2w802.jpg "width=" 574 "height=" 82 "/>
2. View VShield shows the not installed status as shown in:
650) this.width=650; "title=" wps1691.tmp "style=" border-right-width:0px;background-image:none;border-bottom-width : 0px;padding-top:0px;padding-left:0px;margin:0px;padding-right:0px;border-top-width:0px; "border=" 0 "alt=" Wps1691.tmp "src=" http://s3.51cto.com/wyfs02/M01/79/46/wKioL1aNtDXwlVYlAABqTY3rTQc620.jpg "width=" 573 "height=" 225 "/>
3, reinstall, install 5 minutes or 5%, as shown:
650) this.width=650; "title=" wps1692.tmp "style=" border-right-width:0px;background-image:none;border-bottom-width : 0px;padding-top:0px;padding-left:0px;margin:0px;padding-right:0px;border-top-width:0px; "border=" 0 "alt=" Wps1692.tmp "src=" http://s3.51cto.com/wyfs02/M02/79/46/wKioL1aNtDag5WToAABlVjXA5Ak270.jpg "width=" 571 "height=" 410 "/>
4, installation fails, display failed to download VIB error, as shown in:
650) this.width=650; "title=" wps16a2.tmp "style=" border-right-width:0px;background-image:none;border-bottom-width : 0px;padding-top:0px;padding-left:0px;margin:0px;padding-right:0px;border-top-width:0px; "border=" 0 "alt=" Wps16a2.tmp "src=" http://s3.51cto.com/wyfs02/M00/79/46/wKioL1aNtDiznBULAABnbfSTRJ4407.jpg "width=" 560 "height=" 201 "/>
6, view VShield Manager management Platform Discovery, error message:
A connection between the ESX module and the VShield Endpoint solution,move AV agentless,faild.
650) this.width=650; "title=" wps16a3.tmp "style=" border-right-width:0px;background-image:none;border-bottom-width : 0px;padding-top:0px;padding-left:0px;margin:0px;padding-right:0px;border-top-width:0px; "border=" 0 "alt=" Wps16a3.tmp "src=" http://s3.51cto.com/wyfs02/M01/79/46/wKioL1aNtDiBtN5gAAAi-kYjl10732.jpg "width=" 574 "height=" 49 "/>
7, check the EPO Discovery service has started, but the SVM exception;
Event Description: Scanner service warning, unable to contact the hypervisor. Please update the SVM policy on EPO and provide credentials for the hypervisor.
650) this.width=650; "title=" wps16a4.tmp "style=" border-right-width:0px;background-image:none;border-bottom-width : 0px;padding-top:0px;padding-left:0px;margin:0px;padding-right:0px;border-top-width:0px; "border=" 0 "alt=" Wps16a4.tmp "src=" http://s3.51cto.com/wyfs02/M01/79/48/wKiom1aNtBHD3jWvAAA3bnKUWbU881.jpg "width=" 574 "height=" 63 "/>
Cause Analysis:
Question one: Install 5 minutes last failure report unable to download the corresponding VIB file
View related documents show VShield Manager requires the following ports to communicate properly;
650) this.width=650; "title=" wps16b5.tmp "style=" border-right-width:0px;background-image:none;border-bottom-width : 0px;padding-top:0px;padding-left:0px;margin:0px;padding-right:0px;border-top-width:0px; "border=" 0 "alt=" Wps16b5.tmp "src=" http://s3.51cto.com/wyfs02/M01/79/46/wKioL1aNtDryiTTmAAB38Xq_8Iw442.jpg "width=" 523 "height=" 206 "/>
650) this.width=650; "title=" wps16b6.tmp "style=" border-right-width:0px;background-image:none;border-bottom-width : 0px;padding-top:0px;padding-left:0px;margin:0px;padding-right:0px;border-top-width:0px; "border=" 0 "alt=" Wps16b6.tmp "src=" http://s3.51cto.com/wyfs02/M02/79/48/wKiom1aNtBOiCSFyAACQy1qg3Wg853.jpg "width=" 554 "height=" 227 "/>
Because ESXi, EPO, VShield Manager need to communicate, and 192.168.0.187 policy is not guaranteed three normal communication;
Display Current-configuration | Include 0.77rule-deny TCP source 192.168.0.0 0.0.255.255 destination 192.168.0.77 0 destination-port eq 22rule-Deny TCP Source 192.168.0.0 0.0.255.255 destination 192.168.0.77 0 destination-port eq 443
Workaround:
To add the Allow corresponding port rule:
Rule permit IP Source 192.168.0.6 0 destination 192.168.0.77 0rule permit IP source 192.168.0.7 0 Destination 192.16 8.0.77 0rule Permit IP source 192.168.0.236 0 destination 192.168.0.77 0rule permit IP source 192.168.0.237 0 Destin ation 192.168.0.77 0rule Permit IP source 192.168.0.7 0 destination 192.168.0.18 0rule permit IP Source 192.168.0.6 0 Destination 192.168.0.18 0
Re-refresh: VShield Endpoint Antivirus module installation is normal;
650) this.width=650; "title=" wps16c7.tmp "style=" border-right-width:0px;background-image:none;border-bottom-width : 0px;padding-top:0px;padding-left:0px;margin:0px;padding-right:0px;border-top-width:0px; "border=" 0 "alt=" Wps16c7.tmp "src=" http://s3.51cto.com/wyfs02/M02/79/46/wKioL1aNtDzApOg2AABduN-UNrc848.jpg "width=" 569 "height=" 215 "/>
VShield Manager shows Normal:
650) this.width=650; "title=" wps16d7.tmp "style=" border-right-width:0px;background-image:none;border-bottom-width : 0px;padding-top:0px;padding-left:0px;margin:0px;padding-right:0px;border-top-width:0px; "border=" 0 "alt=" Wps16d7.tmp "src=" http://s3.51cto.com/wyfs02/M00/79/48/wKiom1aNtBWg9b4rAABWqfK0D60322.jpg "width=" 564 "height=" 182 "/>
question two: after the installation is normal, but the virtual machine is not able to disinfect properly,
Cause Analysis:
Virtual Machine Refinement Agent is not enabled via VShield Manager (Thin agent enabled)
650) this.width=650; "title=" wps16d8.tmp "style=" border-right-width:0px;background-image:none;border-bottom-width : 0px;padding-top:0px;padding-left:0px;margin:0px;padding-right:0px;border-top-width:0px; "border=" 0 "alt=" Wps16d8.tmp "src=" http://s3.51cto.com/wyfs02/M00/79/48/wKiom1aNtBaDWDc3AABkvQmpXjQ611.jpg "width=" 567 "height=" 194 "/>
The reason for this is that VMCI was not installed when installing VMware tools;
Workaround: Reinstall the VMware Tools tool and select the corresponding driver;
650) this.width=650; "title=" wps16e9.tmp "style=" border-right-width:0px;background-image:none;border-bottom-width : 0px;padding-top:0px;padding-left:0px;margin:0px;padding-right:0px;border-top-width:0px; "border=" 0 "alt=" Wps16e9.tmp "src=" http://s3.51cto.com/wyfs02/M01/79/48/wKiom1aNtBiS72yuAAEFPWUzmXg851.jpg "width=" 529 "height=" 418 "/>
To detect if the installation was successful, pass the FLTMC command:
650) this.width=650; "title=" wps16f9.tmp "style=" border-right-width:0px;background-image:none;border-bottom-width : 0px;padding-top:0px;padding-left:0px;margin:0px;padding-right:0px;border-top-width:0px; "border=" 0 "alt=" Wps16f9.tmp "src=" http://s3.51cto.com/wyfs02/M01/79/46/wKioL1aNtEHBQ9hAAABmC-hhICM824.jpg "width=" 571 "height=" 158 "/>
Test Antivirus normal:
650) this.width=650; "title=" wps16fa.tmp "style=" border-right-width:0px;background-image:none;border-bottom-width : 0px;padding-top:0px;padding-left:0px;margin:0px;padding-right:0px;border-top-width:0px; "border=" 0 "alt=" Wps16fa.tmp "src=" http://s3.51cto.com/wyfs02/M00/79/46/wKioL1aNtELw5N6rAAA6Kie_CkU302.jpg "width=" 574 "height=" 73 "/>
Error Three: lost communication with ESX module
VShield Manager Displays the error message "Lost Communication with ESX module". The cause of this problem is that the Esx/esxi and running VShield Manager timestamps do not match.
VShield Manager creates a new certificate when it runs for the first time. If the timestamp is inconsistent, the certificate validation fails and the error message is prompted. This error can also cause a protected virtual machine to take offline
Workaround:
To resolve this issue, make sure that the VShield Manaer is synchronized with the Esx/esxi time
650) this.width=650; "title=" wps16fb.tmp "style=" border-right-width:0px;background-image:none;border-bottom-width : 0px;padding-top:0px;padding-left:0px;margin:0px;padding-right:0px;border-top-width:0px; "border=" 0 "alt=" Wps16fb.tmp "src=" http://s3.51cto.com/wyfs02/M02/79/46/wKioL1aNtEOAE_N3AABkHE1dp_E795.jpg "width=" 574 "height=" 277 "/>
Uninstall the program, and then reinstall the corresponding VShield;
650) this.width=650; "title=" wps170c.tmp "style=" border-right-width:0px;background-image:none;border-bottom-width : 0px;padding-top:0px;padding-left:0px;margin:0px;padding-right:0px;border-top-width:0px; "border=" 0 "alt=" Wps170c.tmp "src=" http://s3.51cto.com/wyfs02/M00/79/48/wKiom1aNtBvxqbnRAABMMfVvl3w322.jpg "width=" 573 "height=" 159 "/>
After the reinstallation is complete, the ESX modle is successful, but the move AV agentless antivirus will appear with an exception as shown in:
650) this.width=650; "title=" wps170d.tmp "style=" border-right-width:0px;background-image:none;border-bottom-width : 0px;padding-top:0px;padding-left:0px;margin:0px;padding-right:0px;border-top-width:0px; "border=" 0 "alt=" Wps170d.tmp "src=" http://s3.51cto.com/wyfs02/M00/79/46/wKioL1aNtETwoPL4AABZoGMrdSY775.jpg "width=" 568 "height=" 185 "/>
At the same time in the Vshpere client will also report the corresponding error, when we need to re-import the anti-virus system OVF reconfiguration can be;
This article from "Toni Learn It" blog, declined reprint!
VShield Manager5.5.4 Antivirus System exception solution
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
