Help
FortiNAC-F
FortiNAC-F is a zero-trust network access solution that provides users with enhanced visibility into the Internet of Things (IoT) devices on their enterprise networks. For legacy FortiNAC articles prior to FortiNAC-F 7.2, see FortiNAC.
pdipen
Staff
Staff

Created on ‎12-04-2024 05:52 AM

Article Id 360995

Troubleshooting Tip: The secondary GUI failed to start because admingui status indicates a failure

Description This article describes the issue when on GUI the Secondary FortiNAC server is unable to start and make changes in the Config Wizard due to the 'admingui' status showing as failed in the FortiNAC CLI.
Scope FortiNAC-F, FortiNAC.
Solution

After enabling the secondary GUI command from the Secondary server CLI, the 'nac-secondary-admingui' status fails immediately.

 

Symptoms:

 

> systemctl status nac-secondary-admingui
nac-secondary-admingui.service - NAC Secondary Admin GUI
Loaded: loaded (/usr/lib/systemd/system/nac-secondary-admingui.service; static; vendor preset: disabled)
Active: failed (Result: exit-code) since Thu 2024-08-15 08:44:19 EDT; 2s ago
Process: 3684 ExecStart=/bsc/campusMgr/bin/internal/startNACSecondaryAdminGUI (code=exited, status=1/FAILURE)
Main PID: 3684 (code=exited, status=1/FAILURE)

Aug 15 08:44:15 acsonacbravo.andersonsheriff.com startNACSecondaryAdminGUI[3684]: at com.bsc.api.YamsNameServiceLookUp.lookup(YamsNameServiceLookUp.java:231)
Aug 15 08:44:15 acsonacbravo.andersonsheriff.com startNACSecondaryAdminGUI[3684]: at com.bsc.api.YamsNameServiceLookUp.lookup(YamsNameServiceLookUp.java:209)
Aug 15 08:44:15 acsonacbravo.andersonsheriff.com startNACSecondaryAdminGUI[3684]: at com.bsc.api.admingui.ConfigWizardGUI.main(ConfigWizardGUI.java:34)
Aug 15 08:44:15 acsonacbravo.andersonsheriff.com startNACSecondaryAdminGUI[3684]: Exception in thread "main" javax.naming.NameNotFoundException: Name AdminGUI not found
Aug 15 08:44:15 acsonacbravo.andersonsheriff.com startNACSecondaryAdminGUI[3684]: at com.bsc.api.YamsNameServiceLookUp.lookup(YamsNameServiceLookUp.java:250)
Aug 15 08:44:15 acsonacbravo.andersonsheriff.com startNACSecondaryAdminGUI[3684]: at com.bsc.api.YamsNameServiceLookUp.lookup(YamsNameServiceLookUp.java:209)
Aug 15 08:44:15 acsonacbravo.andersonsheriff.com startNACSecondaryAdminGUI[3684]: at com.bsc.api.admingui.ConfigWizardGUI.main(ConfigWizardGUI.java:34)
Aug 15 08:44:19 acsonacbravo.andersonsheriff.com systemd[1]: nac-secondary-admingui.service: main process exited, code=exited, status=1/FAILURE
Aug 15 08:44:19 acsonacbravo.andersonsheriff.com systemd[1]: Unit nac-secondary-admingui.service entered failed state.
Aug 15 08:44:19 acsonacbravo.andersonsheriff.com systemd[1]: nac-secondary-admingui.service failed.

 

Solution:

Execute the following command on the Primary server CLI and confirm that the output displays both the primary and secondary serial numbers.

 

> globaloptiontool -name security.allowedserialnumbers

 

If the serial numbers are not visible, add them using the command below:


> globaloptiontool -name security.allowedserialnumbers -setRaw "<serialnumber1>,<serialnumber2>,<serialnumber3>”

 

Example:


> globaloptiontool -name security.allowedserialnumbers -setRaw "FNVM-Mxxxxxxx1,FNVM-Mxxxxxxx2,FNVM-CAxxxxx4,FNVM-CAxxxxx5,FNVM-CAxxxxx6"

 

Run the following command in Secondary CLI:

 

> systemctl restart nac-secondary-admingui
81
0 Kudos
Suggest New Article
Article Feedback
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.