question

MattD-7613 avatar image
0 Votes"
MattD-7613 asked RahulJindal-2267 commented

CMG - Connection Analyzer not working

I set up the CMG yesterday and it is kinda workingish....

I run the Cloud management gateway connection analyzer, but it doe snot run correctly.

I sign in with my Azure info, click start and only see the following:

131166-image.png




As far as I can tell, its connected and I was able to deploy software from it.

mem-cm-general
image.png (161.9 KiB)
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

RahulJindal-2267 avatar image
0 Votes"
RahulJindal-2267 answered RahulJindal-2267 commented

Did you try closing and re-opening the analyzer? Sometimes it needs a sort of ‘reset’. Also, did you try against a client certificate? You can also refer to smsadminui log for clues.

· 7
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Restarted the process a couple of times. Having other CMG issues as well. probably all related. Client cert does the same thing.

0 Votes 0 ·

[18, PID:9160][09/10/2021 16:23:17] :System.Net.WebException
Unable to connect to the remote server
at System.Net.HttpWebRequest.GetResponse() at Microsoft.ConfigurationManagement.AdminConsole.AzureServices.CMGAnalyzer.backgroundWorker_DoWork(Object sender, DoWorkEventArgs e)
System.Net.Sockets.SocketException
No connection could be made because the target machine actively refused it 20.84.232.113:443
at System.Net.Sockets.Socket.DoConnect(EndPoint endPointSnapshot, SocketAddress socketAddress) at System.Net.ServicePoint.ConnectSocketInternal(Boolean connectFailure, Socket s4, Socket s6, Socket& socket, IPAddress& address, ConnectSocketState state, IAsyncResult asyncResult, Exception& exception)


In other words - networking issues. : (

0 Votes 0 ·

Sure does. Is the traffic allowed on the FW?

0 Votes 0 ·
Show more comments
AllenLiu-MSFT avatar image
0 Votes"
AllenLiu-MSFT answered MattD-7613 commented

Hi, @MattD-7613
Thank you for posting in Microsoft Q&A forum.

We may try to configure CNAME on internal DNS to see if it helps like below article suggested:
https://www.prajwaldesai.com/configmgr-cmg-error-the-remote-name-could-not-be-resolved/
(Please note: Information posted in the given link is hosted by a third party. Microsoft does not guarantee the accuracy and effectiveness of information.)


If the response is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.


· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

I guess that is where the confusion lies as I did not think a CNAME was necessary when using the Azure name - NAME.CENTRALUS.CLOUDAPP.AZURE.COM

I can look into it as I am willing to try anything ....

0 Votes 0 ·
MattD-7613 avatar image
0 Votes"
MattD-7613 answered RahulJindal-2267 commented

Commented elsewhere, but wanted a more visible answer. I got the Connection analyzer working by setting the proxy settings in Internet Options.

It ran perfect when I used my azure sign in, but had two errors when I used a cert. What certificate file is this looking for in this test? The Client Authentication cert in Personal on any laptop? If so, I keep getting a message stating the certificate doe snot contain the private key. Help!

· 5
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Are you using pki, third party for cmg? What version of CB do you have?

0 Votes 0 ·
MattD-7613 avatar image MattD-7613 RahulJindal-2267 ·

Using PKI certs and 2107 console.

0 Votes 0 ·

If you are using pki for cmg, then you will need to enroll the cert chain in cmg client auth settings. Also you will need a pki client cert enrolled on your end points and site server hosting connection point. You should use the same client auth cert to test in cmg analyzer.

0 Votes 0 ·
Show more comments