When checking the ESXi host details in Deep Security Manager (DSM), the following errors may occur:
- Some vShield Endpoint shows "Not Installed" even when the vShield Manager is being used. Not all ESXi hosts under the same DSM and vCenter are affected.
- Some ESXi hosts also display "Network Settings Out of Sync With vCenter Global Settings".
The following procedure was applied but failed to resolve the issue:
- Check the vShield Manager. It showed that the vShield Endpoint was installed on the target ESXi hosts.
- Restart the vShield Endpoint driver via SSH. It was successfully restarted but it still failed to show the correct vShield Endpoint status on the DSM.
- Synchronize the vCenter from the DSM.
- Check the ESXi host from the vCenter. Navigate to Configuration tab > Software > Advanced Settings. Under Net section, the IP listed in Net.DVFilterBindIPAddress matches the one listed in the DSM > vCenter Properties > Network Configuration > VMKernel vNIC IP.
To resolve the issue:
- On the vSphere Client console, select the target ESXi host.
- Navigate to Configuration tab > Hardware > Networking.
- Under the Standard Switches section, make sure that the following conditions are met:
- Standard Switch vmservice-vswitch must exist.
- VMKernel Port vmservice-vmknic-pg must have the same IP address value as the VMKernel vNIC IP in the DSM.
If either of the two conditions above is not met, the error will occur.
- Reinstall the vShield Endpoint driver of the affected ESXi host from the vShield Manager console.
Reinstalling the vShield Endpoint driver does not require setting the ESXi host in Maintenance Mode.
- Synchronize the DSM and check again the Details of the target ESXi host. It should now show that the vShield Endpoint is "Installed" and the DSVA status is "Unprepared" for deployment.