Sign In with your
Trend Micro Account
Need Help?
Need More Help?

Create a technical support case if you need further support.

Deep Security Virtual Appliance failed to bind IP address from NSX-T IP Pool

    • Updated:
    • 13 Jul 2021
    • Product/Version:
    • Platform:
    • VMware
Summary

When deploying Deep Security Agentless Solution with VMware NSX-T, you may encounter issues deploying the Deep Security Virtual Appliance(DSVA) due to the IP address assigned from NSX-T pool is already in use. This is a known issue and VMware will release a fix soon. 

This article provides the possible symptoms, troubleshooting and workaround to fix this issue. 
Details
Public

You may encounter the following symptoms when deploying Deep Security Virtual Appliance:

 

1) Successfully deployed the DSVA but activation is failing

image.png

 

2) The DSVA from vCenter view shows only 3 IP address instead of the expected 5 IP address

image.png

 

3) From NSX-T console, the Criteria Alarms shows Partner Channel Down for Endpoint Protection

image.png



Troubleshooting

 

  1. Login to the DSVA and switch to its terminal console.
  2. Go to /var/opt/ds_agent/slowpath/ and inspect the configuration files dsva-ovf.env and dsva-ovf.xml 
  3. Verify the IP address assigned and network configuration if same as NSX-T Static IP pool
    image.png
    image.png
  4. Check the /var/opt/messages log and search the IP address that assigned to DSVA and show the IP already used by other.
    image.png
  5. From NSX-T manager console, confirm the IP already in use by ESX host for TEP IP addresses.
    image.png

Workaround

1) Delete the current deployment plan and re-deploy DSVA . Change the NIC0 to use DHCP instead of Static IP Pool

Here is an article from VMware that addresses the same issue: Service Status Unknown or Endpoint Protection fails to get IP Address (vmware.com)
Premium
Internal
Partner
Rating:
Category:
Troubleshoot; Deploy
Solution Id:
000287628
Feedback
Did this article help you?

Thank you for your feedback!


*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.

If you need additional help, you may try to contact the support team. Contact Support

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.