RSA agent on servers getting access denied and network timeout problems when the server is using NLB. Authentication Failures during test.While installing some RSA agents on NLB systems I ran into a problem where only one of the nodes would succesfully test the authentication. I started thinking, ok, maybe it is the nlb, so I set the client to use the dedicated ip. Nope, still didn't. So googling around I found half of my answer, use the NLB ip address. So Inside of the RSA server Security Console, I set up a new host, using the NLB hostname and IP address. And thats where the tip left off. They forgot a few steps. Add the dedicated ip's for the servers into the alternate ip address list. Also, you have to manually create the node secret and import it using the agent_nsload.exe command. So, quick break down
- Create host on RSA Security Console using NLB hostname/ip
- Add dedicated ip's of hosts as alternate addresses
- Create secret using Security Console and save the zip file. You will need to unzip the secret from that file.
- Use the agent_nsload program to import the secret. It's in the client installation stuff.
- Open the agent on the server, in the advanced section, set the ip to be the dedicated ip.
- Test and you should be good