Environment
Novell Access Management 3 SSLVPN Server
NAM3IR2.TAR.GZ
Situation
SSLVPN component running on the Identity server NAM3IR1 build.
After an upgrade of the Administration Console and the IDP an update was done for the SSLVPN component to NAM3IR2
Update completed successfully, but the SSLVPN component as seen from the Administration Console does not get back into an operational status. It showed as disconnected.
Trying to restart the SSLVPN component did not fix the problem.
Resolution
Move or copy the /etc/opt/novell/sslvpn/config.xml.rpmsave to config.xml and restart the sslvpn component.
Fixed with Novell Access Manager SP1.
Additional Information
Steps to reproduce:
Do an upgrade of the SSLVPN component that is running on the Identity Provider from NAM3IR1 to NAM3IR2
The Administration Console shows that the SSLVPN component does not get back into an operational status. It showed as disconnected.
Once the SSLVPN component was started manually from the command line the /var/log/messages file showed:
No internal interface found with address 10.1.16.5
The /var/log/stunnel.log file showed:
Error binding sslvpn to 10.1.16.5:7777
This IPaddress listed had never been used on the system running the SSLVPN component.
The /etc/opt/novell/sslvp/config.xml file was containing the wrong IPaddress and seems to be the default config.xml file.
During the upgrade process the /etc/opt/novell/sslvpn/config.xml file is copied to config.xml.rpmsave and should be copied back after the upgrade process.
This copying back of the config.xml.rpmsave file has not happened therefore leaving the default one with the wrong IPaddress in place.
Once the SSLVPN component was started manually from the command line the /var/log/messages file showed:
No internal interface found with address 10.1.16.5
The /var/log/stunnel.log file showed:
Error binding sslvpn to 10.1.16.5:7777
This IPaddress listed had never been used on the system running the SSLVPN component.
The /etc/opt/novell/sslvp/config.xml file was containing the wrong IPaddress and seems to be the default config.xml file.
During the upgrade process the /etc/opt/novell/sslvpn/config.xml file is copied to config.xml.rpmsave and should be copied back after the upgrade process.
This copying back of the config.xml.rpmsave file has not happened therefore leaving the default one with the wrong IPaddress in place.