Deployment Guide

30 Dell Hybrid Cloud System for Microsoft Cloud Platform System Standard

4. The analyzer runs for a minute or two, and then shows you the results, as illustrated by the following

graphic:

Under the Title “A firewall rule that allows remote shutdown should be enabled on each node in the

failover cluster” you should see a green ‘Passed’ result. If there are any compute nodes that are members

of this CCL cluster listed as having failed this test, you have run into this issue.

Resolution:

Reboot the affected nodes. After you have rebooted the affected nodes, run Analyze cluster updating

readiness again. Once it is in a Passed state, you can rerun the P&U.

Issue 4

Symptoms

From the Console VM, the CPS Administrator cannot access the OEM OOB (Out-of-Band Management)

webpage through Internet Explorer. The error will be similar to the following:

This page can’t be displayed

Turn on TLS 1.0, TLS 1.1, and TLS 1.2 in Advanced settings and try connecting to https://URL again. If this

error persists, it is possible that this site uses an unsupported protocol or cipher site such as RC4 (link for

details), which is not considered secure. Please contact your administrator.

Cause

TLS 1.2 ciphers were strengthened in P&U 1706 (and higher) on all hosts and VMs in the CPS stamp. The

OEM OOB cannot communicate using these enhanced cryptography ciphers.

Workaround

1. To temporarily unblock the issue, delete this registry key value on the Console VM trying to access the F5

Configuration Utility:

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Cryptography\Configuration\SSL\0001

0002]

"Functions"="TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384_P384,TLS_ECDHE_ECDSA_WITH_AES_

128_GCM_SHA256_P256,