#ONTAP direct connection

Did anyone yet manage to directly connect an on-prem system to BlueXP? I'm talking about this: https://docs.netapp.com/us-en/cloud-manager-ontap-onprem/task-discovering-ontap.html#discover-clusters-directly
FAS2720, ONTAP 9.12.1P1. This is a lab-system so no support, etc.

Basically I'm connecting to the cluster-IP in my browser, getting the prompt in the first attached image, then I'm logging into BlueXP. When I put in my credentials I only get "Invalid username or password" which is wrong...

• tried other browsers (Chrome, Edge, Firefox)
• inbound and outbound connections to
  https://cloudmanager.cloud.netapp.com/ontap-service/check-service-connection are possible (tried via systemshell)
• I'm on the same network as this system, I can connect to it without issues via HTTPS (standard System Manager) or SSH
• tried another user (role admin with all of the applications)
• no special service-policy (default-management) or firewall-policy (mgmt), I even disabled the ONTAP-firewall
• renewed the server-cert for the admin-SVM to make sure it's not expired
• restarted the webservices via system services web modify -external false; system services web modify -external true
• enabled basically everything under vserver services web show & vserver services web access show
• the cluster knows the root-CA of https://cloudmanager.cloud.netapp.com, I've checked this via security certificate truststore check -server cloudmanager.cloud.netapp.com:443

I assume you mentioned the cluster IP address

and not the node IP

Audit-Log always shows me this:

                               Log Entry Timestamp: Mon Mar 20 18:00:09 2023
                                              Node: [Nodename]
                                 Log Message Entry: [kern_audit:info:64080] 8503e8000000002f :: [Clustername]:http :: [IP_address]:60679 :: [Clustername]:unknown :: OPTIONS /api/cluster HTTP/1.1 :: Error: 403 Forbidden
                                        Session ID: 8503e8000000002f
                                        Command ID: 8503e8000000002f
                                          Protocol: http
                              Remote user location: [my_local_IP]
                                      Vserver name: [Clustername]
                                          Username: unknown
                            Command being executed: OPTIONS /api/cluster HTTP/1.1
                       State of this audit request: Error
       Additional information and/or error message: 403 Forbidden

I don't understand why is says "unknown" for the user

yes of course 🙂

please tell me I'm not crazy.... I don't understand why it's not working...

next step will be to wipe the system... because many shenanigans have been tried on this system, maybe the config is just broken :/

so the system you re using to launch blue XP and cluster lab subnet are accesabel?

in other words networking is all clear?

yep

from yoru system you are trying to launch blue xp, are you able to launch systems manager to access the clsters

i guess yes

ONTAP is getting the certs, so my guess would be that outgoing connections to "cloudmanager.cloud.netapp.com" are working

lol, yes of course 😄

everything is working, we are simply trying to evaluate the direct connect to BlueXP feature for this system

I have tried this and direct discovery does work

soem thing really basic but worth a try

clearing browser cache and try

becasue it seems like the session is reaching the cluster but just not recognizing user name or password

I always used private mode in the browser

cookies or local browser caching can't be the issue

my hope is it's just the system... we will wipe it

or maybe we will try with the next customer system if it works.... I don't think you need a valid support contract for this afaik