cancel
Showing results for 
Search instead for 
Did you mean: 
Reliable Contributor Troja
Reliable Contributor
Report Inappropriate Content
Message 1 of 6

Switching Central Management Master Node - OnDemand

Jump to solution

Hi all,

what is the easiest way to switch the central management from one node to another.

Can this be done without any interruption and without any reboot?

Cheers

1 Solution

Accepted Solutions
Highlighted

Re: Switching Central Management Master Node - OnDemand

Jump to solution

Central management is designed so that if you logoff the current GUI, you should be able to log back on automatically to another one after about 5 minutes.

The only thing that i can think of that would prevent this is an automated process making REST calls to one of them, thus preventing the timeout and switchover to occur.

The only other thing i can suggest is simply logon to the active GUI appliance's CLI and stop the service.

# service mwg-ui stop

This should allow you to logon to the other one. Once you've done so, then then start the service back up.

Also, i am assuming you are connecting to the GUI on it's native IP address and not a VIP when used with Transparent Router.

5 Replies
Reliable Contributor asabban
Reliable Contributor
Report Inappropriate Content
Message 2 of 6

Re: Switching Central Management Master Node - OnDemand

Jump to solution

Hello,

in MWG 7 there is no "Master" in central management. What exactly do you want to achieve?

Best,

Andre

Reliable Contributor Troja
Reliable Contributor
Report Inappropriate Content
Message 3 of 6

Re: Switching Central Management Master Node - OnDemand

Jump to solution

Hi Andre,

sorry, Master was the wrong therm. I just spoke about the proxy with the highest priority. There are e.g. 6 Proxies in one central management. Proxy 1 has the highest priority, Proxy 2 hast the next lower priority.... and so on, and so on....

Yesterday we did an upgrade at a customer. We upgraded the proxy with the highest priority first and rebooted the system. Afterwards we did the same with the other systems. But, finally Proxy 1 was not the system where the central management GUl was located. We rebooted proxy 2 (the central management was there), but after reboot the central management was not switched to proxy 1, even proxy 1 has the highest priority.

Proxy 1 is important, because customer implements the automated proxy backup on this system.

Therefore my question is, how i can switch the central management to another host in the central management without rebooting a system. 🙂

Cheers

Highlighted

Re: Switching Central Management Master Node - OnDemand

Jump to solution

Central management is designed so that if you logoff the current GUI, you should be able to log back on automatically to another one after about 5 minutes.

The only thing that i can think of that would prevent this is an automated process making REST calls to one of them, thus preventing the timeout and switchover to occur.

The only other thing i can suggest is simply logon to the active GUI appliance's CLI and stop the service.

# service mwg-ui stop

This should allow you to logon to the other one. Once you've done so, then then start the service back up.

Also, i am assuming you are connecting to the GUI on it's native IP address and not a VIP when used with Transparent Router.

Reliable Contributor Troja
Reliable Contributor
Report Inappropriate Content
Message 5 of 6

Re: Switching Central Management Master Node - OnDemand

Jump to solution

Hi Erik,

thanks for the update. Customer connected to the UI using the VIP within a HA-Cluster. We rebooted one system several times, no change.

If the system is up under 5 minuts, can this cause the behavior? 🙂

Cheers

Re: Switching Central Management Master Node - OnDemand

Jump to solution

That would explain it.

You should not connect to the GUI via the VIP in ProxyHA. Doing so will create unpredictable results.

You must connect to the native management IP addresses instead.

More McAfee Tools to Help You
  • Subscription Service Notification (SNS)
  • How-to: Endpoint Removal Tool
  • Support: Endpoint Security
  • eSupport: Policy Orchestrator
  • Community Help Hub

      New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

    • Find Forum FAQs
    • Learn How to Earn Badges
    • Ask for Help
    Go to Community Help

    Join the Community

      Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

    • Get helpful solutions from McAfee experts.
    • Stay connected to product conversations that matter to you.
    • Participate in product groups led by McAfee employees.
    Join the Community
    Join the Community