Sign In with your
Trend Micro Account
Need Help?
Need More Help?

Create a technical support case if you need further support.

TippingPoint devices become unmanaged when SMS HA is broken.

    • Updated:
    • 6 Sep 2017
    • Product/Version:
    • TippingPoint SMS All
    • TippingPoint Virtual SMS
    • Platform:
Summary
As part of the SMS High Availability (HA) functionality and in order to prevent another SMS from taking control of the same device, the IPS/TPS device records the IP address and CERT of the active SMS in an HA cluster.  Under normal HA failover conditions, the CERT from the active SMS is copied to the passive SMS and used to manage the devices.  If the cluster fails-over or is swapped then the devices are still seamlessly managed with the same CERT.  In most cases if the active SMS fails, it is recovered and the HA cluster is re-synced.
Details
Public
However, if the active SMS is not recoverable (RMA) and the cluster is broken, then all devices must be un-managed and re-managed.

Remember that when replacing the failed SMS, the new SMS will have a new serial (CERT) number. When the Primary SMS is replaced, the original information of the old SMS is still in the devices. Replacing the Primary SMS device with a new SMS does not update the management information.

To verify if there will be a problem when you break HA, you can run the IPS/TPS CLI command "show sms" 
 
{}show sms
Allowed SMS IP address : 192.168.98.10
Device is under SMS control
SMS Serial Number: XXXX-XXXX-XXXX
      SMS Version: 4.5.0.98012
           SMS IP: 192.168.98.10
         SMS Port: 8162

If the output of the command shows the CERT (SMS Serial Number) from one SMS and the IP address of the other SMS in the cluster, then when you break HA the devices will become unmanaged. If both the CERT and the IP address belong to the active SMS, then you will not have an issue when you break HA. If the devices become unmanaged when HA is broken, the IPS/TPS devices will have to be unmanaged via the LSM or the CLI. Additionally the devices will have to be removed from the active SMS and then re-managed.
Premium
Internal
Rating:
Category:
Troubleshoot
Solution Id:
TP000088872
Feedback
Did this article help you?

Thank you for your feedback!

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.

If you need additional help, you may try to contact the support team. Contact Support


To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.