Sign In with your
Trend Micro Account
Need Help?
Need More Help?

Create a technical support case if you need further support.

Resolving connectivity issues in Microsoft Cluster Environments when using a Deep Security Agent (DSA)

    • Updated:
    • 6 Mar 2017
    • Product/Version:
    • Deep Security 8.0
    • Deep Security 9.0
    • Deep Security 9.5
    • Deep Security 9.6
    • Deep Security as a Service 2.0
    • Platform:
    • VMware ESX 4.1
    • VMware ESX 5.0
    • VMware ESXi 4.1
    • VMware ESXi 5.0
    • VMware vCenter 5.0
    • Windows 2003 Enterprise
    • Windows 2003 Enterprise 64-bit
    • Windows 2003 Standard
    • Windows 2003 Standard 64-bit
    • Windows 2008 Enterprise
    • Windows 2008 Enterprise 64-bit
    • Windows 2008 Server R2
    • Windows 2008 Standard
    • Windows 2008 Standard 64-bit
Summary

Customer installing a DSA might encounter connectivity issues in Microsoft Cluster Environments.

This can either affect a Microsoft Failover File Cluster or a Microsoft SQL Cluster.

Details
Public

To resolve the issue:

  1. Unbind the passive (first) node using bindview.
    1. Select All Services from the Show Bindings For drop-down menu and expand the branches under the Agent Trend Micro Lightweight Filter Driver.
    2. Search for the binding path to MS cluster virtual adapter.
    3. Right-click the binding path and disable it.
    4. Test if the Deep Security Agent (DSA) can communicate with Deep Security Manager (DSM) by running an Eicar test.
  2. Failover the cluster to the passive (first) node.
  3. Uninstall the DSA from the former active (second) node.
     
    This step will disable the network connection for up to one minute.
  4. Reboot the server. The new passive (second) node should be able to join the cluster.
  5. Install the DSA on the second node.
  6. Create a customize firewall rule allowing incoming TCP/UDP port listed on 3343 and 49152-65535, and assign it to the target DSA. These ports are required for MS Cluster Service to allow multi-node communication between the MS Cluster Management Server and cluster nodes.
    You may change the Source IP value to Incoming Traffic instead of Any.

    Allow ports 3343 and 49152-65535

The nodes should now be working normally. For more information, refer to this Microsoft article: Service overview and network port requirements for Windows.

Premium
Internal
Rating:
Category:
Troubleshoot
Solution Id:
1061154
Feedback
Did this article help you?

Thank you for your feedback!

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.

If you need additional help, you may try to contact the support team. Contact Support


To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.