clsalgueiro
Contributor
Contributor

vShield App installation encountered error while installing vib:Entered IP address is used by another vShield App, please enter unused IP address

Hi, I had a problem upgrading vShield Manager from 5.0 to 5.1.2-943471. vShield App was installed in 4 of my virtual clusters:

  • Testing
  • Clientes #1
  • Clientes #2
  • Servers

Before upgrading vShield Manager, I upgraded the ESXi version from 5.0 to 5.1 without uninstall the vShield App firewalls from the hosts, because I made a clean installation of ESXi 5.1. Now vShield  Manager shows that vShield App is not installed on the hosts and offers to my the posibility of install it.

The problem is that when i try to install it, this error appear:

cap1.JPG

The IP 172.30.110.132 is not in use, as I mentioned before, the esx005 was reinstalled with the new version of ESXi 5.1 without remove the vShield App and 172.30.110.132 was the IP of the virtual appliance of vShield App after upgrade to 5.1.

Although vShield Manager let me choose Install option, if I click in Datacenters I still see the removed appliances:


cap2.JPG


The question would be:

How can I do to the vShiel Manager not shows to me those vShield Apps appliances that was removed but they´re still there.

Thanks!


0 Kudos
4 Replies
Jonesie946
Contributor
Contributor

Were you able to get this resolved? I have run into the same issue, and have not been able to find a resolution.

0 Kudos
BrettJowett
Contributor
Contributor

Hi,

I currently have a ticket open with VMware support with a similar issue.
I will update the post when I have feedback from support on this.

Regards

Brett

0 Kudos
clsalgueiro
Contributor
Contributor

BrettJowett I opened a ticket in vmware and Dylon (an escalation technics) resolved the issue deleting in the vShield DB the correct lines, using a support user.

Regards.

0 Kudos
BrettJowett
Contributor
Contributor

Thanks for your reply.

I have also been in contact with support this morning and they have done the exact same thing by removing the host from the DB as i had already deleted the orphand node from vCenter.

I know it might not be relevant but I had the same issues with an orphaned entry in VShield because a host was decommissioned from my cluster incorrectly.

But in the event of an unrecoverable  hardware failure of a host such as hardware failure you might be in a similar position that you cannot re install the VShield App firewall entry from the manager because the host is not available. I raised this with support and they advised that as long as you still have the host in the cluster (in a disconnected state). You can use the rest API to remove orphaned instance of vShield APP from the vShield Manager for the failed host.

API command for this is in the VShield API Program Guide on page 50

https://www.vmware.com/pdf/vshield_51_api.pdf

Using some form of rest client issue the following command:

DELETE https://<vsm-ip>/api/1.0/vshield/<host-id>/vsz

You will need to login to the MOB console on your vcenter to find the host ID.

Then you have to go through all these properties, by clicking on theirs value on right side table -column "VALUE"

Properties name

content

rootfolder

childEntity

hostFolder

childEntity (choose the cluster)

Before you try anything like this i would take a snap shot (with memory) of the VShield Manager. I haven't confirmed this actually works yet but it might be worth a shot in future if anyone encounters something similar.

I would like to pass most of the credit on for this to Artur in the VMware support team who provided me with this information.

Regards

Brett

0 Kudos