Forum Discussion

f5dev7_171984's avatar
f5dev7_171984
Icon for Nimbostratus rankNimbostratus
Nov 27, 2015

GTM Synchronization fails "Is big3d running?" "Is tcp port 4353 access allowed?" IQuery connection fails

Hi,

 

I'm trying to Sync two GTM using gtm_add command using their public-ip(self-IP), I keep getting the "Is tcp port 4353 access allowed?"

 

I can telnet to this port, i know its open,

 

on each self-Ip i have the port set to default (even allow all for test purpose),

 

I have the same Synchronization group configured on each GTM, to make it more interesting i have Active/Standby GTM at each location but is trying only to connect to each active device first,

 

The SSL exchange passes using the bigip_add but gtm_add aways fails, I have followed all trouble shooting, verified everything,although I am using the default ssl cert and not generating a new one.

 

application delivery
BIG-IP DNS

4 Replies

Sort By
  • f5dev7_171984's avatar
    f5dev7_171984
    Icon for Nimbostratus rankNimbostratus
    Nov 27, 2015

    Yes SSL seems to be the issue but how can I correct this, I have a valid cert, under DNS>GSLB>Server>Trsusted Certs, they appear to be a valid cert but multiple of them and the error i'm getting under GTM log is

     

    SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed

     

    thanks for the input

     

    • Renato_166638's avatar
      Renato_166638
      Icon for Nimbostratus rankNimbostratus
      Nov 27, 2015
      I don't like to use that console commands to download the certificates, they are responsible by duplicating and making the list looks confusing and I prefer to add them manually. Don't forget to check the port lockdown settings for the self-ip used as server address.
  • f5dev7_171984's avatar
    f5dev7_171984
    Icon for Nimbostratus rankNimbostratus
    Nov 30, 2015

    Thanks Everyone for the reply this was resolved by changing the certificate to self-signed, the CA provided one had issue.