I am learning CA PAM. After deploying CA PAM OVA file .I tried ping from other machine it was successful.then i started accessing web gui.I am unable to access web gui of pam server on browser on http:// <host-ip>. I tried telnet on 22 23 80 ports result was connection refused.I was following Deploy the VMware OVA Template - CA Privileged Access Manager - 3.0.2 - CA Technologies Documentation .I have to download CA PAM client on next step stuck here.do you have any suggestion to clarify the problem? .
you should access your server via https://192.168.36.100/ and not http://
Thanks for u reply. I tried with https://ip of pam server. it showed same results. Can help me in any other ways?
Maybe you didn't configure the gateway and/or net mask correctly? Can you verify that? The gateway is configured in "Basic Network Settings”, the network mask under "Interface Network Settings” in the main menu on the VM console. E.g. if the IP of GB1 is 10.10.11.10 and the gateway 10.10.10.1 you would need a 255.255.254.0 network mask so that gateway and GB1 IP are in the subnet defined by the mask.
thank you for your response. I made the configurations able to access the web-gui. where can i get default username and password info? or do i need to do any further configurations needed to do login?
Hi, the default user is super/super. You will be asked to change the password when you first login.
Thanks Ralf .It 's working
While we're at it: There is a second default user, config/config. This user can only logon to the https://<PAM-host>/config/ URL, not to the default https://<PAM-host> URL. This user only manages configuration, no users, devices or policies. You also want to log on as the config user at least once and change its password (there is a link on the page once logged in, you will not be prompted to change the password). This can also be used to change the name of the super user, but not super's password. To change the super user name you have to provide the current super user password. You have to be logged in as super (or whatever you may rename this account to) to change its password. The "Reset Password” option you see in the menu on the VM console refers to the config user password. This allows you to get into the configuration in cases where you lost the passwords for the local administrative accounts and there is a problem with the integration with other user stores such as LDAP.
Most of this is discussed in our online documentation at https://docops.ca.com/ca-privileged-access-manager/3-0-2/EN/implementing/configure-your-server/default-administrator-accounts.
Is it possible to Integrate CA PAM with CA Authminder(CA Strong Authentication)? if yes how can we do Integration?is their any document for that?
Hi Venkatesh, Please do not use old community threads to ask totally unrelated questions. I see you posted that question in a separate thread earlier already. I am not aware of anyone having done this integration and we don't have it mentioned in PAM documentation. We'll check with others and update the newer thread you started on this topic.
I am also finding the same issue, unable to ping the PAM appliance ip and not able to access the url from my laptop.
I am running the PAM appliance on VMWare 14 player, on my laptop, configured the Bridged network option. Attaching the screenshot, kindly help to fix this issue.
Hi Dina, The IPs I used in my update were fictional. Do you actually have a gateway with IP 10.10.10.1?
Ok. Now I have changed all the settings. Please check the screenshot attached.
Laptop ipconfig output and pam appliance settings attached. I have updeate gateway/ip address/net mask as per my laptop settings. Please check this and help to fix the issue.
Is there a issue on ip address / gate way settings or on the VMWare Network setting issue? Not sure.
Hi Dina, How did you setup networking for the VM. It looks like you are trying to use bridged networking. From what I read online the default is NAT for VMware Workstation and bridged networking requires the VMnet0 virtual switch which I don't see in your ifconfig output. I only see VMnet1 (Host-Only) and VMnet8 (NAT). The information I was looking at is https://docs.vmware.com/en/VMware-Workstation-Player-for-Windows/14.0/workstation-player-14-windows-user-guide.pdf .
I have tried deploying it on my personal laptop and it worked. I was able to ping the IP and able to get the PAM console. In Personal laptop also, I see only 2 network adapters Vmnet1 and Vmnet8. I used Vmnet1 which is host only. It worked.
But in my office laptop, I did the same deployment, but it didnt work. I used Vmnet1 and same configuration as used in personal laptop but unable to ping the IP address from host. I just checked on office laptop, the Firewall is on. I tried to disable but couldnt as I dont have privilege.
Somehow, I managed to disable (not sure fully disabled). I could see the firewall is off but also see "Inbound connections" option is set to Block (default).
Please help to identifiy and fix the issue.
Hi Dina, I don't have VMWare Workstation and can't help you since it's not an environment supported by PAM. Maybe someone else has encountered and fixed a similar problem and can chime in.
could you describe how you can solve this issue ? by doing what ?
this issue is also happen to me with ca pam 2.8 .
thank you in advance .
In my case.I impoted ova file in Oracle virtual box.so I got above error. After importing it in Vmware workstation player. That problem automatically solved. During Import it asked for dns and network related don't provide anything.It automatically detects if DHCP is in place.access it on https://<ip>
I see, I have tried in Vmware workstation and vmware esxi, the error still the same.
btw. when you create network for ca pam on vmware workstation what you chose between network adapter NAT/Bridge/Host only ?
If you use vm workstation delete existing network adapater on vm settings and add new network adapater.
I used bridge and nat both worked well.if you use bridge it can be accessible in entire network.if your physical machine using wifi and using bridge mode for vm .you won't get ip.only lan it works.
If you use Nat only your physical machine which hosted the VM only access it. In your network any other system can not access it.even your in wifi u r vm gets ip.
I am suggesting that remove adapater s for vm and add them as new and check above criteria .it applicable in Vm workstation or VMware player .
PAM is reachable only on HTTPS, it don't redirect automatically from http to https.