Hi Vijay
You can modify the proxy configuration file and specify the different nodes of the CA PAM cluster, it would be something like:
<preserveCacheBetweenRestarts> false </preserveCacheBetweenRestarts>
<loglevel> FINE </loglevel>
<cspmserver>
node1 </cspmserver>
<cspmserver_port> </cspmserver_port>
<cspmserver>
node2 </cspmserver>
<cspmserver_port> </cspmserver_port>
<cspmserver>
node3 </cspmserver>
<cspmserver_port> </cspmserver_port>
<cspmserver>
node4 </cspmserver>
<cspmserver_port> </cspmserver_port>
<! - Port the daemon listens to stubs on (for requests from client applications) ->
<daemonserver1_port> 27077 </daemonserver1_port>
<! - Port the daemon listens to Password Authority server on ->
<daemonserver2_port> 28888 </daemonserver2_port>
<logfile> e: \ cspm_agent \ cloakware \ cspmclient \ log \ cspm_client_log.txt </logfile>
<! - Set to OFF / INFO / FINE / WARNING to see logs from cspmclient executable stub ->
<c_loglevel> FINE </c_loglevel>
Why do you require or configure the VIP?
Original Message:
Sent: 11-28-2019 08:34 PM
From: vijayakumarc chandrasekaran
Subject: PAM Proxy service automatically stopped
Hi All,
One more question, currently i have given IP address of one of the HA member in PAM proxy configuration file. Is it possible to add both member IP addresses in configuration file or simply give VIP ?
Thanks,
Vijay
Original Message:
Sent: 11-28-2019 03:59 AM
From: vijayakumarc chandrasekaran
Subject: PAM Proxy service automatically stopped
Hi All,
After i restart the PAM proxy services, now working without any issues. Thanks for all your suggestions. Closing TAC case as well.
Thanks,
VIjay
Original Message:
Sent: 11-28-2019 01:46 AM
From: vijayakumarc chandrasekaran
Subject: PAM Proxy service automatically stopped
Hi Ralf,
I have opened necessary firewall rules now and can run Proxy service without any issues but i am facing an another issue now. I am able to telnet from PAM to server using port 27077 and from server to PAM using 443. I have also enabled port 135 and 445
"CSPMAgentServlet::doPost. Failed to authenticate CSPM server, abort.. "
Original Message:
Sent: 11-26-2019 11:30 AM
From: Ralf Prigl
Subject: PAM Proxy service automatically stopped
Hi Vijay,
this problem typically is observed when either port 443 is not open from the Windows Proxy host to the PAM appliance, or port 27077 is not open from the PAM appliances to the Windows Proxy host. See port requirements on page https://techdocs.broadcom.com/content/broadcom/techdocs/us/en/ca-enterprise-software/layer7-privileged-access-management/privileged-access-manager/3-3-1/deploying/ip-addresses-and-ports-for-network-connectivity.html.
Original Message:
Sent: 11-25-2019 09:54 PM
From: vijayakumarc chandrasekaran
Subject: PAM Proxy service automatically stopped
Hi,
I am trying to configure Windows Proxy connector to manage local account of one of the Windows 2016 server which is not in domain. I managed to install the Proxy setup in Server by following the KB. The problem is after we star the PAM Proxy service, it is running for some time and stopped automatically. I have tried to change the services recovery options in the server but still status is same. Has anyone faced issue like this before ?
Thanks,