I have a Commserve, MA, in one network
A 2nd MA and client on another
Went throught the steps described in "Operating Through a DMZ Using Data Protection Suite Proxy"
The installation of the client, using the proxy completed successfully, but I cannot push out firewall changes to the client, and "check readiness" from the commserve fails
See the following in the cvfwd.log file on the proxy:
- Looking for a tunnel connecting ANY with share
- ERROR: No tunnel found that could potentially serve this client
- => CONNECT_FAILED(147,-1, Failed to find tunnel for ANY=>share:8400/8400)
- Accepting cvfwd connection.
- The other side is "address of client:43743, fd=984
- Creating new DYNAMIC tunnel to "addr of client"
- Initializing SSL/TLS for DYNAMIC tunnel to "address of client" via ("address of proxy, address of clint")
- ERROR: Can't agree with peer on what certificate to use for authentication
- ERROR: Peer has builtin: YES, commcell: NO
- ERROR We have: builtin: NO, commcell: YES
Commserve name = commserve
Proxy name = proxy
client name = share
Here is the firewall configs from the three servers
commserve share proxy=proxy
commserve proxy type=persistent proto=http cvfwd=proxy.sand.box:8452
===share - only showing differences from commserve config
share commserve proxy=proxy
share proxy type=persistent proto=http cvfwd=proxy.sand.box:8452
===proxy - only showing differences from commserve config
proxy share type=passive
proxy commserve type=passive
Any hints or suggestions as to how to proceed?