★ ADWAN branch new device online websocket establishment failed
- 0Followed
- -1Collected ,360Browsed
Network Topology
Normal ADWAN Branch topology
Version:Unified Platform E0612,SeerEngine-SDWAN E6321H01
Problem Description
The new branch fails to go online, and the controller node shows offline reason: the device has no version number.
Process Analysis
1. Confirm whether the version of router and controller is the supporting version, and the model and version of the equipment are consistent with the successfully launched equipment.
2. Check whether the equipment serial number imported on the controller page is consistent with the SN number found on the equipment.
3. Check the network connectivity: Ping the controller address on the branch device, it can be pinged, but the service port 19443 cannot be accessed.
4. Query websocket connection status is unconnected.
5. Confirm whether the router starts DNS proxy , configure “DNS proxy enable”.
6. Confirm whether the cloud management registration address is correct:
l Register through private network: the registered address is the unified North address of the controller;
l Register through the public network: the registered address is the public network address mapped to the unified North address of the controller;
“nat server protocol tcp global 36.7.144.146 19443 inside 10.3.206.6 19443” is configured for the interface connecting the branch at the headquarters, where 36.7.144.146 is the public network address and 10.3.206.6 is the IP address of WAN components. “cloud-management server domain 36.7.144.146” is configured on the branch.
7. The branch route is found in the headquarters. It is found that the headquarters equipment has three equivalent default routes, and NAT is configured on the 1/2/0/6 outgoing interface. The session request message sent by the branch equipment to the controller enters through the interface mapped by the NAT server configured in the headquarters. The response message replied by the controller is not forwarded by the headquarters equipment through the same interface, but through other Internet outgoing interfaces, resulting in the failure of websocket connection establishment.
Solution
Add “ip last-hop hold” command on the Internet outlet interface of the headquarters to ensure the consistency of two-way paths. Or configure the following routes on the headquarters: “ip route-static 58.48.39.189 32 GigabitEthernet 1/2/0/6 36.7.144.1”. After that, the websocket connection can be established successfully, and the device is online normally.
