Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 3209
  • Last Modified:

Event 1573 can't form a cluster because witness not accessible : Symantec Endpoint related?

After rebooting this DBS02 server, it could not join the
cluster : refer to attached screens.

Could it be due to recently we installed Symantec Endpoint
Protection & it blocks certain traffic?  I login using domain adid
as well as local administrator but in services.msc, I can't stop
the Symantec Client Protection & the other Symantec service:
the "Stop" option was simply greyed out (ie I can't select it).

Any help wud be appreciated
WitnessClus.jpg
CantStartClusvc.jpg
0
sunhux
Asked:
sunhux
  • 4
  • 3
3 Solutions
 
sunhuxAuthor Commented:
Another question:
I'm completely newbie to Win 2012 so need step by step
instruction on how to get into Symantec Endpoint Protection
to disable its firewall rules (if there's any)
0
 
sunhuxAuthor Commented:
0
 
SteveCommented:
this is pretty normal. if the witness server has firewall software on it may be preventing the node from seeing it, and therefore killing the cluster.

Is the node on the same site/subnet as the witness?
can it ping it?
can it browse to fileshares?
0
Automating Your MSP Business

The road to profitability.
Delivering superior services is key to ensuring customer satisfaction and the consequent long-term relationships that enable MSPs to lock in predictable, recurring revenue. What's the best way to deliver superior service? One word: automation.

 
sunhuxAuthor Commented:
> Is the node on the same site/subnet as the witness?
Yes, on same subnet 10.7.3.x/24.

> can it ping it?
Yes, could ping.

> can it browse to fileshares?
Could browse (using 'net view \\witness_IP'    &
even map a drive to (using 'net use x: \\witness_IP' )

I've figured out how to disable Syman Endpt Protectn's
firewall.

Curious, which port is that that needs to be permitted
without which it would show in Failover Cluster Manager
the member node as 'Down'
0
 
SteveCommented:
Could browse (using 'net view \\witness_IP'    &
Cluster system uses names. can you ping/browse it by it's name on the domain?
click start>run '\\servername\' and see if you are presented with shared folders that you can browse.
if you don't have any shares on that server, try browsing to '\\servername\c$' to see the default C drive share.

Curious, which port is that that needs to be permitted
without which it would show in Failover Cluster Manager
the member node as 'Down'
There are many ports needed to allow this to work. In general if you can browse to a share it means the right ports are probably open.
0
 
sunhuxAuthor Commented:
> can you ping/browse it by it's name on the domain?
Yes

> start>run '\\servername\' and see if you are presented with shared folders
Yes

Thing is I still would like to know which port was being blocked
by SEP which caused this issue.  Some other ports were permitted
by SEP : for this reason I could map drives & thus the 2 "Yes" answers above
0
 
SteveCommented:
this is a good post for fileshare ports:
http://www.experts-exchange.com/Security/Misc/Q_21157694.html

and here is window's official one:
http://technet.microsoft.com/en-us/library/cc731402.aspx

The cluster element of this does add a requirement to access the server's RPC ports too.
http://technet.microsoft.com/en-us/library/cc738291(v=ws.10).aspx
0

Featured Post

Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

  • 4
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now