Problem

When I try to access Sentinel Correlation I get the error IDENTIFICATION_ERROR: LOGIN_OR_PASSWORD_INVALID , and when I try to access Sentinel Administration I get the error : DISTANT EXCEPTION

Resolution

The issue is caused by a firewall configuration, a forwarding tools or a proxy server which can be blocking the Sentinel application to reach the server.

In addition to ports that Sentinel has been configured with, Sentinel will use by default randomly 14 free ports that are available.

The practice in this case, when you have firewalls, is to set a range of 14 ports to be used by Sentinel by following this procedure:

1. In Sentinel ../Sentinel/conf/trkserver.xml fix a range of ports as below :

<FirstAutomaticBroadcastPort>1350</ firstAutomaticBroadcastPort>

You can update this parameter also by running the Sentinel's configure.sh script , and at the step Advanced network configuration in the RMI Port Selection section select A range of port starting from and add the port 1350

2. Make sure to open/allow the 14 ports from 1350 to 1363 and also all the ports you see more in ../Sentinel/log/tcpServices.html when Sentinel is fully started.

3. After having these setups done, restart Sentinel

Additional note

In addition to the above , in case you are using an F5 load balancer, to be able to access Correlation and Administration while the F5 is set use the 7 layers of TCP model. Here are two possible scenarios:

1. VIP targeting a group of ports (Sentinel default ports + 14 port of the range used).

This solution does not work on 7 network layers only on 4 layers

2. VIP listens to ANY but filtered with an IRULE in F5 which secures and limits the ports used. This solution works on 7 layers

IRULE:

when CLIENT_ACCEPTED {

if {([TCP :: local_port] == 443)} {

return}

elseif {([TCP :: local_port]> = 1308 && [TCP :: local_port] <= 1363)} {

return}

else reject

}