Sign In with your
Trend Micro Account
Need Help?
Need More Help?

Create a technical support case if you need further support.

“Multiple Errors” status appears when activating a guest virtual machine (VM) in Deep Security

    • Updated:
    • 3 Jul 2015
    • Product/Version:
    • Deep Security 8.0
    • Deep Security 9.0
    • Deep Security 9.5
    • Platform:
    • Windows 2008 Server R2
Summary
When you activate any guest VM for Deep Security Virtual Appliance (DSVA) protection, you get “Multiple Errors” status with the following warnings:
  • Update Failed (Agent/Appliance error)
  • Interfaces Out of Sync
  • Intrusion Prevention Rule Engine Offline
  • Firewall Rule Engine Offline
Multiple Errors status of VM
Click image to enlarge.
The vmkernel.log on ESXi shows multiple entries of “Dvfilter-dsa: update_sp_binding: DSVA not bound”.
Dvfilter-dsa: update_sp_binding: DSVA not bound
Click image to enlarge.
These errors happen even when the DSVA status is “Managed-Online” and vShield Endpoint status is “Registered”. The guest VM is also installed with vShield Endpoint driver.
Details
Public
The issue occurs when the DSVA and filter driver improperly bind, causing communication failure between DSVA and the VM to protect.
To successfully activate the VM:
  1. Ensure that the value 169.254.1.1 is bound to Dvfilter-dsa.
    1. On the vCenter, click the ESXi host.
    2. Go to Configuration tab > Advanced Settings > Net.
    3. Make sure that the value of Net.DVFilterBindIPAddress is “169.254.1.1”.
  2. Make sure that the dvfilter is listening to port 2222.
    1. On the vCenter, click the ESXi host.
    2. Go to Configuration tab > Security Profile.
    3. Under Firewall, click Properties.
    4. Ensure that the dvfilter is selected and listening to port 2222.
  3. Restart the filter driver.
    1. Put the ESXi on maintenance mode. This requires turning off the VMs or migrating them to another ESXi host.
    2. Connect to the ESXi host via SSH using Putty.
    3. Run the command “esxcfg-module -u dvfilter-dsa” to unload the filter driver.
    4. Run the command “esxcfg-module dvfilter-dsa” to reload the filter driver.
    5. Exit the ESXi from maintenance mode.
  4. Power on the DSVA.
  5. On the Deep Security Manager (DSM) console, make sure that the DSVA status is “Managed-Online” and the vShield Endpoint status is “Registered”.
  6. Activate the VM.
Activation will be successful and the “Dvfilter-dsa: update_sp_binding: DSVA not bound” will no longer appear on the ESXi log.
Premium
Internal
Rating:
Category:
Troubleshoot
Solution Id:
1098739
Feedback
Did this article help you?

Thank you for your feedback!

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.

If you need additional help, you may try to contact the support team. Contact Support


To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.


Need More Help?

Create a technical support case if you need further support.