VMware Horizon Community
Darringer
Contributor
Contributor
Jump to solution

View 5.2 Security Server Installation problem

I have been trying to get my security server up and running for 2 days now and keep running into a brick wall.  I continually receive the following error:

Error 28083.  IPsec setup failed. Please refer to the C:\users\...\...\vminst.log file for further details.  The log reveals "Error: Failed to get a successful response from the connection server after IPsec Setup"

In an effort to resolve the issue i have allowed the Windows Firewall on both the Security Server and the Connection Server to allow all inbound connections.

I have verified that all Back-End firewall configurations are correct and functioning as required.

I have scrolled through http://communities.vmware.com/thread/405121?start=15&tstart=0 and performed the recommended changes within that thread.

When I completely remove all GPO's from the Connection Server, I am able to then successfully create the pairing between the Security Server and the Connection Server.

Most people would say well it's a GPO setting start walking through them.  Well I have several GPO's that are applied in order to be STIG compliant.

What I'm looking for is, can someone please point me in the right direction as to what settings could possibly affect the IPsec communication between the 2 boxes?

Thanks for the assistance.

0 Kudos
1 Solution

Accepted Solutions
Darringer
Contributor
Contributor
Jump to solution

After calling and opening a ticket with VMware it seems that I have been able to successfully install the Security Server.  After they had looked through the several different GPO settings that were being applied I changed the below setting and was able to successfully install after running a gpupdate /force on my connection server.

Computer Configuration/Policies/Windows Settings/Security Settings/Local Policies/Security Options/ System Cryptography System cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing

My setting was Enabled.  I changed it to Disabled and it seemed to resolve the current issue.

View solution in original post

0 Kudos
3 Replies
markbenson
VMware Employee
VMware Employee
Jump to solution

Hi,

We have seen a situation where "Apply local connection security rules" setting was set to "No" and this meant that IPsec can't be enabled in the firewall.

If anything prevents Microsoft IPsec from being setup in Windows, the Security Server pairing with IPsec can't work.

Check through your GPOs.

Mark

0 Kudos
Darringer
Contributor
Contributor
Jump to solution


Mark,

  Thanks for the reply.  I have tried that setting as it was listed in the article that I went through and took all the recommendations that were given.  Like i said i have several group policies in play in order to be STIG compliant. 

Are you able to point me in the right direction as to what settings could cause this to happen?

Thanks,

Eric

0 Kudos
Darringer
Contributor
Contributor
Jump to solution

After calling and opening a ticket with VMware it seems that I have been able to successfully install the Security Server.  After they had looked through the several different GPO settings that were being applied I changed the below setting and was able to successfully install after running a gpupdate /force on my connection server.

Computer Configuration/Policies/Windows Settings/Security Settings/Local Policies/Security Options/ System Cryptography System cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing

My setting was Enabled.  I changed it to Disabled and it seemed to resolve the current issue.

0 Kudos