During a recent Deep Security implementation we’ve experienced post-deployment issues with the Deep Security Virtual Appliances (DSVA’s). After Deployment of the DSVA’s you will get a “Communications Problem” reported from the Deep Security Manager.
By the way, the Deployment of the DSVA within ESXi 5.5 has got a known issue of not working on the first attempt. Please read this for more information.
The error looks like this:
Troubleshooting pointed out that something was wrong with DNS resolving from the DSVA towards the Deep Security Manager. The DSVA was resolving the DSM on shortname.
To verify DNS resolving within the DSVA login the the console by pressing F2 (default username/password: dsva/dsva)
After logon on press Alt-F2 to get the Shell Login Prompt, logon again with username dsva
Now you can use the nslookup command to check DNS resolving. In my case shortname resolving didn’t go right while FQDN resolving was okay.
Changing the hostname of the DSVA to its FQDN didn’t solve the problem so we figured that the Search Suffix needed to be added to the DSVA.
To do this, execute the following command: sudo vi /etc/resolv.conf and add the “search yourdomain.local” entry.
After adding this, the “Communications Error” disappear and the DSVA became “Healthy” within the Deep Security Manager.