Solved

NPA: Ivanti Management Console



We are expanding our NPA footprint soon. Several of the users that are about to gain NPA access use the Ivanti Management Console (remote management console) on a daily basis. Attempting to log into the console results in the following error: 

 

Console Initialization Error: 

Unable to connect to the database.

A network-related or instance-specific error occurred while establishing a connection to SQL Server. The server was not found or was not accessible. Verify that the instance name is correct and that SQL Server is configured to allow remote connections. (provider: TCP Provider, error: 0 - No such host is known.).


We have Private apps created for this host and IP already. 

 

Has anyone else configured this successfully for NPA access? 


Best answer by sshiflett 8 May 2024, 15:49


2 replies


Hello @AlfaBane


I assume this thread https://forums.ivanti.com/s/question/0D5UL000004Cnw30AC/ivanti-management-console-in-a-ztna-world?language=en_US is from someone on your team as well based on the timing.

I’d check for a few things based on the feedback. 

 

  1. Check the npadebuglog.log for “No matching policy” and see if any entries indicate that a port is missing.
  2. Open all ports to that app to your test user(s) so we can capture if any additional ports are required.
  3. Check to see how authentication is configured for the app. If it’s reaching out for Kerberos or other auth, we need to ensure that AD or other services are also available.

 

One other note from that thread:

 

  1. Console reaches out to the Core server, stating that "this Joe Sixpack is trying to log on. Is he allowed to?" [Authentication checks & such basic things happen on the Core. ] We'll assume you're allowed to login ;).
  2. Remote Console asks the Core server for the DB-credentials (the remote console then has a DIRECT connection to the DB of its own!)

 

This would seem to indicate that there are actually two connections in play here (the core server and the actual DB), so both would need to be published via NPA. The error from Ivanti might indicate that the second server is not available.
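An added example, not part of the original posts and not Netskope or Ivanti code: a PowerShell check, run from a test machine with the NPA client connected, that tests both connections described above for name resolution and TCP reachability. The host names and the Core server port are placeholders (assumptions); 1433 is the SQL Server default port, and a named instance may listen on a different one.

```powershell
# Added example. Host names are placeholders, not values from this thread.
# Replace them with every name the console may use: hostname, FQDN and IP.
$targets = @(
    @{ Role = 'Core server'; Name = 'core.example.internal'; Port = 443 },   # port is an assumption
    @{ Role = 'SQL Server';  Name = 'sql.example.internal';  Port = 1433 }   # SQL Server default port
)

function Test-NpaTarget {
    param([string]$Role, [string]$Name, [int]$Port)

    $result = [ordered]@{
        Role = $Role; Name = $Name; Port = $Port
        Resolved = $false; Address = $null; TcpOpen = $false
    }

    # Step 1: name resolution. A failure here is the same condition the
    # console reports as "No such host is known".
    try {
        $addresses = [System.Net.Dns]::GetHostAddresses($Name)
        $result.Resolved = $true
        $result.Address  = ($addresses | ForEach-Object { $_.IPAddressToString }) -join ', '
    } catch {
        return [pscustomobject]$result
    }

    # Step 2: TCP connect with a 5 second timeout. A resolved name with a
    # closed port points at a missing port in the private app definition.
    $client = [System.Net.Sockets.TcpClient]::new()
    try {
        $task = $client.ConnectAsync($Name, $Port)
        $result.TcpOpen = $task.Wait(5000) -and $client.Connected
    } catch {
        $result.TcpOpen = $false
    } finally {
        $client.Dispose()
    }
    [pscustomobject]$result
}

$targets | ForEach-Object { Test-NpaTarget @_ } | Format-Table -AutoSize
```

A row with `Resolved = False` means that name is not being resolved for the user at all; a row with `Resolved = True` and `TcpOpen = False` means the name resolves but that port is not reachable.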


I went down a rabbit hole with our Ivanti Admins and identified the SQL server, alias, and IP. After adding those to the appropriate app and allowing some simmer time, the console connected without issue!

Thanks Sam!! I’ll go over to the Ivanti forum and thank phoffman as well. 
