This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Register Now
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Announcements

SecurID® Knowledge Base

Find answers to your questions and identify resolutions for known issues with knowledge base articles written by SecurID experts.

Checking name resolution and port connectivity for an RSA Authentication Manager 8.1 SP1 or later Web Tier instance on a supported Red Hat platform

Article Number

000035978

Applies To

RSA Product Set: SecurID
RSA Product/Service Type: Authentication Manager Web Tier
RSA Version/Condition: 8.4 or later
 

Issue

The Authentication Manager primary instance is reporting a status other than Online for a web tier deployment running on supported Red Hat platforms.  For example, Offline, Pending Connection or Reinstall Required, and further investigation is required.

Resolution

The shell script attached to this article will attempt to find the Web Tier installation directory, as well as look up the Authentication Manager, Web Tier and Virtual Host fully qualified host names from the Web Tier configuration. Next, the shell script will perform name resolution of the fully qualified host names and check the status of ports 7022/TCP and the virtual host port, which by default is 443/TCP.

Installation

  1. Download the attached wtcheck.sh shell script into the /tmp folder on a Web Tier instance that is running on a supported Red Hat platform.
  2. Change the permissions of wtcheck.sh so it can be executed at the command line:

chmod 755 /tmp/wtcheck.sh

Usage

  1. Logon to the Red Hat platform with a local account, either in an SSH session or at the local console.
  2. Change the privileges of the local account using the command sudo su -.

rsaadmin@am82p:/opt/rsa/am> sudo su -
rsaadmin's password: <enter operating system password>
am82p:~ #

If you do not change the privileges of the local account, then the following message appears: You must be the root user to use this program; exiting...

  1. Navigate to the /tmp directory:

cd /tmp
  1. Use the wtcheck.sh shell script to check name resolution and port accessibility:  

./wtcheck.sh
Example output where the web tier is not in the default folder: 

[root@webtier01-csau-ap-rsa-net tmp]# ./wtcheck.sh

RSA Customer Support - Asia Pacific

Web Tier Check Program

Report Filename is /tmp/wtcheck-report_202107190927.log

Locating the Web Tier Home Directory
------------------------------------

 - did not find the default web tier home directory

 - please enter the web tier home directory : /opt/webtier

 - /opt/webtier folder does not exist

 - do you wish to search for the web tier home directory (y/n)? y

 - starting a search for the web tier home directory, please be patient...
 - search completed!

 - using web tier home directory /RSA/Webtier/

--------------------------------

Hostname Lookup Testing
-----------------------

Authentication Manager Instance : am84p.csau.ap.rsa.net [1]
Server:         192.168.7.35
Address:        192.168.7.35#53

Name:   am84p.csau.ap.rsa.net
Address: 192.168.7.46


  - lookup worked!

Web Tier Instance : webtier01.csau.ap.rsa.net [1]
Server:         192.168.7.35
Address:        192.168.7.35#53

Name:   webtier01.csau.ap.rsa.net
Address: 192.168.7.26


  - lookup worked!

Virtual Host Instance : tokenserver.csau.ap.rsa.net [1]
Server:         192.168.7.35
Address:        192.168.7.35#53

Name:   tokenserver.csau.ap.rsa.net
Address: 192.168.7.26
Name:   tokenserver.csau.ap.rsa.net
Address: 192.168.7.48


  - lookup worked!

--------------------------
Hostname Lookup Completed!

Checking Ports
--------------

..(8 second timeout for each check)..

Current hostname : webtier01.csau.ap.rsa.net

Determining the Virtual Host port as : 443

  - Port 7022/TCP is reachable on am84p.csau.ap.rsa.net

  - Port 443/TCP is reachable on webtier01.csau.ap.rsa.net

  - Port 443/TCP is reachable on tokenserver.csau.ap.rsa.net

-------------------------
Checking Ports Completed!

[root@webtier01-csau-ap-rsa-net tmp]#
In this example, a report called /tmp/wtcheck-report_202107190927.log was created.

A copy of /tmp/wtcheck-report_202107190927.log: 

RSA Customer Support - Asia Pacific

Web Tier Check Program

 - using web tier home directory /RSA/Webtier/

** Hostname Lookup Testing**

Server:         192.168.7.35
Address:        192.168.7.35#53

Name:   am84p.csau.ap.rsa.net
Address: 192.168.7.46

Server:         192.168.7.35
Address:        192.168.7.35#53

Name:   svcs-amprimekit.csau.ap.rsa.net
Address: 192.168.7.26

Server:         192.168.7.35
Address:        192.168.7.35#53

Name:   tokenserver.csau.ap.rsa.net
Address: 192.168.7.26
Name:   tokenserver.csau.ap.rsa.net
Address: 192.168.7.48

** Hostname Lookup Completed! **

** Checking Ports **

Determining the Virtual Host port as : 443

  - Port 7022/TCP is reachable on am84p.csau.ap.rsa.net

  - Port 443/TCP is reachable on svcs-amprimekit.csau.ap.rsa.net

  - Port 443/TCP is reachable on tokenserver.csau.ap.rsa.net

** Checking Ports Completed! **

Notes

Page 75 of the RSA Authentication Manager 8.5 Setup and Configuration Guide provides information about supported Red Hat Enterprise Linux operating systems.

Red Hat Enterprise Linux version 8.3 (64-bit) is now supported with RSA Authentication Manager 8.5 Patch 4 Web Tier software.  Refer to page 7 of the RSA Authentication Manager 8.5 Patch 4 Web-Tier Readme.
Attachments
0 Likes
Was this article helpful? Yes No
No ratings

In this article

Version history
Last update:
‎2021-07-22 08:13 AM
Updated by:
Administrator Administrator

Related Content

© 2022 RSA Security LLC or its affiliates. All rights reserved.