To troubleshoot and resolve the issue please follow those steps:
On the Agent server
- Check if Agent service is up and running. Restart it if needed
- make sure that port 8006 (default) was taken by running this command
netstat -aon | find "8006"
- stop the Agent service and run the netstat command again to make sure that 8006 port is not taken by another application, which is causing a port conflict. Start the Agent service back.
- netstat command should provide a list of IPs that port 8006 is bound to. Please make sure that 0.0.0.0 is listed
a) if IP address is ::1, then please set IPv4 priority higher than IPv6 by:
b) if IP is the actual IP of the agent server itself and/or 127.0.0.1 and 0.0.0.0 is not listed in netstat output then:
- open CMD and run command:
telnet localhost 8006
Telnet client can be installed through Roles And Features of the server, if needed. The expected result of that operation is a blank screen and not the error message. Blank screen means that telnet was able to connect to port 8006 locally. Failure means that port either not taken by the agent (verify by nestat command) or that it's blocked by firewall
- after telnet to localhost port 8006 works, open a browser and navigate to https://127.0.0.1:8006/apprecovery/api/agent/pair/connect
This should result in agent response in form of XML text with agent ID.
- if connection to localhost port 8006 using browser is not working then it means that there's a problem with SSL/TLS communication. Please review Event Viewer, System for any SCHANNEL errors or warnings for the root cause of the issue.
On the Core server (after agent troubleshooting has been finished)
- click on agent's name and then on Settings. Note the Hostname specified
- open CMD and ping the agent server by name. Make sure that: name is resolvable, resolvable to the correct IP, IP is IPv4 and not IPv6
- perform the command:
telnet <agent_name> 8006
If command stays on the black screen, then it means that connection was successful. Otherwise, make sure that firewall is not blocking the communication
- open browser and navigate to https://<agent_name>:8006/apprecovery/api/agent/pair/connect
This should result in agent response in form of XML text with agent ID. May ask for credentials.
- if telnet can connect but browser can't then it means that HTTPS cannot negotiate SSL/TLS. Please download a program IIS Crypto on the Agent server (https://www.nartac.com/Products/IISCrypto) and run it. Click on Best Practices button and reboot the Agent server. Test URL again.
Please note, if existing agent is removed from protection and added back, this will generate a base image.
Recommendation: when protecting an agent please try to:
- use machine name instead of IP whenever possible
- specify username in <domain>\<administrator> format (if protected machine is an AD member), where <domain> is AD NetBIOS (short) name and <administrator> - any user who is a member of machine's local Administrators group