Re: OneView web interface and server adding issues

ograttery · ‎03-24-2022

Hello,

I just install OV 6.5 on an Hyper-V 2019. I can access to the web interface when using Internet Explorer 11 directly on Hyper-V host (I can only use that) but when I try from a computer connecting to the same network (admin network with no internet access) it says me that the certificate is not safe and when I click "Continue to XXX.XXX.XXX.XXX (not safe)" it is loading but the web interface don't appear and after a long time this displays "Loading ...".

I tried to reboot the appliance several times and for information on this network subnet there is no port filtering on switches.

I have an other issue when I try to add server with iLO address. I have the message : "Unable to establish trusted communication with the server" so I import the iLO certificat in OneView but it doesn't work.

I tried also to add a DNS entry for iLO on DNS server, I can ping the iLO with IP address and host name but same issue.

Do you have any ideas ?

Thanks for your help

Olivier

ChrisLynch · ‎03-24-2022

Try clearing your web browser cache? Did you enable jumbe frame or large MTU size on this network? Do you have a 100Mb switch that potentially has a duplex mismatch?

Can you connect to the Hyper-V Remote Console and log into that UI? If so, then there is an external factor causing this issue.

I work at HPE
[Any personal opinions expressed are mine, and not official statements on behalf of Hewlett Packard Enterprise]

ograttery · ‎03-28-2022

Hi Chris,

Thanks for your reply.

Concerning cache browser clearing : done and always failed

Concerning "Did you enable jumbe frame or large MTU size on this network" : no --> should it be enabled ?

For 100Mb switch with duplex mismatch : no

I can connect throug Hyper-V Remote Console and login to UI with no problem.

As a remember I can acces to web interface with IE11 on the Hyper-V host but not on a computer on the same network.

2 others things :

First, I configured an external repository on the same Hyper-V host with IIS on Windows Server 2019 with HTTPS self-signed certificate, (VM not on the same VLAN but routable from HPE OneView appliance) and when I add it in OneView with HTTP URL it works but when I want to add it with HTTPS URL it doesn't work (it works in IE11).

Secondly, on the same server I installed a SFTP server for "Remote backup location" for save appliance backups. When I try with WinSCP and in CLI on a linux or windows cmd it works fine but when I want to add it in the OV Appliance I have also an error which said

"Unable to retrieve SSH information: Cannot generate public host key for remote server fqdn_address_of_server.

Resolution Ensure that the remote host name or IP address is correct, SSH enabled and that the remote host is compatible with the appliance cryptography mode, and then retry the action. Create a compatibility report from the Security Settings screen for more information about the cryptography mode. "

I also disable "Certificate validation" and "Certificate revocation checking (using CRLs)" and "Automatic CRL downloading" in "Edit Security" settings and add the certificates for Repository server and ILO of servers I want to add in OV Appliance.

So with these 2 issues and the issue when trying to add server with ILO addresses or fqdn addresses which says "Unable to establish trusted communication with the server", I think there is an issue with SSL/TLS/Certificate validation or dialog.

For information, the OV appliance can't have access to internet. Is it a problem ?

Thanks for your help.

ChrisLynch · ‎03-28-2022

Concerning "Did you enable jumbe frame or large MTU size on this network" : no --> should it be enabled ?

No, it should not be.

I can connect throug Hyper-V Remote Console and login to UI with no problem.

Then you have a networking issue, not OneView.

Regarding TLS, OneView uses TLS 1.2 and can negotiate TLS 1.1, with TLS 1.0 disabled depending on what release you are trying to use. For any of the issues you are facing, none require Internet connectivity, only that if services and devices OneView needs to connect to, your IP scheme must be routable within your network if they are across L2 boundaries.

I work at HPE
[Any personal opinions expressed are mine, and not official statements on behalf of Hewlett Packard Enterprise]

ograttery · ‎03-29-2022

Hi Chris,

Thanks for the answers.

I tried to add a server with iLO address and credentials with no success (Certificate of iLO imported in OV certificate store)
I also tried to add an external repository after creating a certificate with our Root CA and importing Root CA certificate and repository certificate in OneView but it doesn't work when using https (work when using http...).

For information :
- OneView Appliance and iLO are on the same subnet and Repository in on another subnet.
- OV subnet can access to Repo subnet but Repo subnet can't access to OV subnet

Any ideas ?

Thanks

ChrisLynch · ‎03-29-2022

Please open a support case to conitnue troubleshooting this. There is something else going on in your environment that using the forums here isn't efficient.

I work at HPE
[Any personal opinions expressed are mine, and not official statements on behalf of Hewlett Packard Enterprise]

ograttery · ‎03-29-2022

Hi Chrys,

For the moment, I don't have any support because actually this is a POC before production so we don't have buy any licences now.

Thanks.

Olivier

ograttery · ‎04-01-2022

Hy Chrys,

I tried to install OneView on an ESXi 5.5 host (so I use OV 4.20.01) and I have no issues with this installation : I can access it from a PC on the same subnet, can add server...

When I install the same version 4.20.01 on Hyper-V 2019 it doesn't work.

Do you know if there is something special to do on network card or virtual network on Hyper-V host to do ?

Can we access in ssh to the Linux ? What is the linux that make the appliance working ?

ChrisLynch · ‎04-01-2022

When I install the same version 4.20.01 on Hyper-V 2019 it doesn't work.

We no longer offer support for OneVIew 4.20 as that is well over 3 years old. Please use a more current release. HPE OneView 6.60 is the most current release published.

Can we access in ssh to the Linux ? What is the linux that make the appliance working ?

No, as OneView is delivered as a closed appliance. The underlying OS is CentOS.

Also, I use Hyper-V 2016 in my lab, and have no issues there. I am using standard vSwitch with LACP. I have had too many core issues with Enhanced vSwitch and VLAN tagging. So just using the standard vSwitch and defining the tagged VLAN ID in the VM.

I work at HPE
[Any personal opinions expressed are mine, and not official statements on behalf of Hewlett Packard Enterprise]

DanCernese · ‎04-01-2022

Not to mention that host support for OV 4.2 on Windows Hyper-V Server or Windows Server or Microsoft Hyper-V server versions stopped at 2016 (only one later exception apparantly tested may have been Windows Server 2019 LTSC) but as Chris said, support has long ago been retired.

I work at HPE
HPE Support Center offers support for your HPE services and products when and how you need it. Get started with HPE Support Center today.
[Any personal opinions expressed are mine, and not official statements on behalf of Hewlett Packard Enterprise]

clmueller · ‎05-10-2022

Hi all,

I see the same behaviour with OV 6.6 Demoappliance on ESXi 7.0.2

Installation works, Appliance can be configured with ESXi web console but access via http, https or ssh is not working.

The appliance is able to ping the gateway and other VMs within the ESXi host.

Other VMs (e.g. ilo-Amplifier) works great on the same ESXi host and also access via https and ssh is possible.

ilo-Amp makes use of E1000 and OV appliance VMXNET3 as a major difference between the installations.

Networksettings are the same (mask, GW) and there is no firewall between the OV and my client.

Any ideas or known problems?

Kind regards

Claus

clmueller · ‎05-11-2022

...looks like that there is an issue with the static routes. Is there still no way to change them within the appliance (may via maintenance)? What are the netmasks for the 192.x.x.x and 172.16.x.x.x routes?

clmueller · ‎05-11-2022

workaround with NAT between client and OV.

May it's worth to think it over if the internal routing of 172.16.0..0/12 and 192.0.0.0/8 is necessary or if it is a bug...

Kind regards

Claus

ChrisLynch · ‎05-11-2022

OneView does not support NAT configurations, so that is not an option. 172.16.0.0/16 is used internally to the demo appliance and cannot be changed. This has been standard behavior for all releases.

I work at HPE
[Any personal opinions expressed are mine, and not official statements on behalf of Hewlett Packard Enterprise]

Categories

Company

Local Language

Forums

Discussions

Forums

Discussions

Discussions

Forums

Discussions

Forums

Discussions

Discussions

Forums

Forums

Discussions

Forums

Discussions

Forums

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Community

Resources

Other HPE Sites

Discussions

Forums

Blogs

Re: OneView web interface and server adding issues

OneView web interface and server adding issues