#Onprem Connector - network issue

Hi,
I'm installing BlueXP-Connector-Cloud-v3.9.49 , on prem, in a Ubuntu VM.
Even if there is no connectivity issue to internet, i get this error:
(see screenshot)

Any help/idea?

did you try curl -v https://mysupport.netapp.com and see what it shows? My guess would be that it shows a certificate error or something

this is the outcome

curl -v https://mysupport.netapp.com

• Host mysupport.netapp.com:443 was resolved.
• IPv6: 2a02:26f0:2d80:18d::3407, 2a02:26f0:2d80:1b9::3407
• IPv4: 23.13.61.229
• Trying 23.13.61.229:443...
• Connected to mysupport.netapp.com (23.13.61.229) port 443
• ALPN: curl offers h2,http/1.1
• TLSv1.3 (OUT), TLS handshake, Client hello (1):
• CAfile: /etc/ssl/certs/ca-certificates.crt
• CApath: /etc/ssl/certs
• TLSv1.3 (IN), TLS handshake, Server hello (2):
• TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
• TLSv1.3 (IN), TLS handshake, Certificate (11):
• TLSv1.3 (IN), TLS handshake, CERT verify (15):
• TLSv1.3 (IN), TLS handshake, Finished (20):
• TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1):
• TLSv1.3 (OUT), TLS handshake, Finished (20):
• SSL connection using TLSv1.3 / TLS_AES_256_GCM_SHA384 / X25519 / RSASSA-PSS
• ALPN: server accepted h2
• Server certificate:
• subject: C=US; ST=California; O=NetApp, Inc.; CN=www.netapp.com
• start date: Feb 26 00:00:00 2024 GMT
• expire date: Feb 25 23:59:59 2025 GMT
• subjectAltName: host "mysupport.netapp.com" matched cert's "*.netapp.com"
• issuer: C=GB; ST=Greater Manchester; L=Salford; O=Sectigo Limited; CN=Sectigo RSA Organization Validation Secure Server CA
• SSL certificate verify ok.
• Certificate level 0: Public key type RSA (2048/112 Bits/secBits), signed using sha256WithRSAEncryption
• Certificate level 1: Public key type RSA (2048/112 Bits/secBits), signed using sha384WithRSAEncryption
• Certificate level 2: Public key type RSA (4096/152 Bits/secBits), signed using sha384WithRSAEncryption
• using HTTP/2

• [HTTP/2] [1] OPENED stream for https://mysupport.netapp.com/
• [HTTP/2] [1] [:method: GET]
• [HTTP/2] [1] [:scheme: https]
• [HTTP/2] [1] [:authority: mysupport.netapp.com]
• [HTTP/2] [1] [:path: /]
• [HTTP/2] [1] [user-agent: curl/8.5.0]
• [HTTP/2] [1] [accept: /]

GET / HTTP/2
Host: mysupport.netapp.com
User-Agent: curl/8.5.0
Accept: /

• TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
• TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
• old SSL session ID is stale, removing
  < HTTP/2 301
  < server: AkamaiGHost
  < content-length: 0
  < location: /api/prelogin/
  < date: Mon, 17 Feb 2025 08:42:48 GMT
  < server-timing: cdn-cache; desc=HIT
  < server-timing: edge; dur=1
  < strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
  < server-timing: ak_p; desc="1739781768116_1551523644_336347649_23_20680_1362_101_15";dur=1
  <
• Connection #0 to host mysupport.netapp.com left intact

well that looks correct. No idea then

isn't there any support I can get from NetApp?
Any idea?

sure, you can open a support ticket

ok I'll give it a try

is your firewall maybe configured to act differently towards devices from the storage/management/server network than end-clients? MAybe you can check with your firewall team if they see something in their logs

I don't think it's in place anything like that, but thank you

we maybe found the issue: imcompatible docker version

how i have to install docker 26.1.4

I haven't never had the chance to work with docker, so after some digging I still don't have an answer.
Which docker compose version should I install?

here there are many:
https://download.docker.com/linux/ubuntu/dists/noble/pool/stable/amd64/

requirements are here
https://docs.netapp.com/us-en/bluexp-setup-admin/task-install-connector-on-prem.html#step-1-review-host-requirements

but you should also check the matrix tool

note: docker 23.0.6 to 26.0.0 are supported

Yes I installed 26.1.4 as per my previous post

but I still have the same issue

mysupport.netapp.com can be reached but the installer doesn't work

netapp support seems not being able to help me with this..

ah, sorry, didn't see you tried that version.
What OS are you on?
and, i don't currently have an onprem install but can probably set one up for testing..
I do remember at one point when we were doing this (over a year ago) and were having problems, it was related to the docker/container network conflicting with one of our own network ranges and we had to make changes to get it working properly.

it could be good if you can..
I don't have good knowledge of docker right now, but if you have more details on that I could give it a try

3: docker0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default
link/ether 02:42:2b:ce:ce:43 brd ff:ff:ff:ff:ff:ff
inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0

not sure what your network scope is, does it happen to overlap with 172.17.0.x

I see this is quite large subnet

I don't think there is another 172.17 in my network

what OS are you on

and not sure if you feel ok sharing the log from docker or not, you can edit anything out you dont want shared
in your first screenshot it shows the path/file as /tmp/installerxxxxxxx