A.20 Clustering Issues

A.20.1 Bringing Up the Server If a Cluster Member Is Down

Action: Check the Administration Console for the component that is down in the cluster member. If the component is openvpn, stunnel, or sockd, restart SSL VPN by using the following command:

/etc/init.d/novell-sslvpn restart

OR rcnovell-sslvpn restart

You can check for the status by using the following command:

/etc/init.d/novell-sslvpn status

OR rcnovell-sslvpn status

A.20.2 Bringing Up a Binary If It Is Down

Action: If the openvpn, stunnel, or sockd binaries are not running:

  1. Stop the server by using the following command:

    /etc/init.d/novell-sslvpn stop

    OR rcnovell-sslvpn stop

  2. Use the ps command to check whether the openvpn, stunnel, and sockd binaries are still running.

    If the binaries are running, kill the processes and start the server.

  3. Restart Tomcat if it is not responding.

  4. Check the status of the SSL VPN server.

A.20.3 Debugging a Cluster If Session Sharing Doesn’t Properly Happen

Action: Check the connectivity among the cluster members by using the following command:

netstat -anp | grep 8900

Restart Tomcat on all of the machines if each cluster member doesn’t have a TCP connection with other members.

When a user is added, you can see the username in /var/log/messages of all cluster members.

NOTE:8900 is the default port used for session sharing among cluster members. If a different port is configured, grep for session sharing.