do  a "set network dns primary " and see if it does, provided you can ping the dns ofcourse.

personnally i prefer not to use DNS as if is another dependency

I created a DNS entry for each which are pingable.  But the sub says that it can't resolve the IP into a host name (DNS reverse lookup failed) I set up DNS on the sub via the install procedure.  When I went to set it on the pub via the CLI it complained of invalidating the license and having to re-host it.

Hi Rob,

It's in the lab on ESXi 4.0.

Mark

Hi Rob,

Thanks for the direction again.  Wow what a pain!

I go to the answer file generator fill in all the prompts (some pull downs are empty like product and version) hit generate answer file and get nothing.  Tried to do it logged in to TAC account and also not logged in.  Tried via my company's internet/proxy and tried via my own ISP w/o proxy... All with the same result it just sits there and doesn't do anything.

I must be missing something or doing something wrong.  Will continue to research and try to get it to work.

Thanks again

Mark

Ok went and got a new eval license 8.  License tool asked me if it was VMWare I said yes.  Loaded it and restarted all services.  Went back to sub install same result.  It cant verify connectivity.  It's pinging, Ive reset the security pw no DNS.  ??? What am I missing? 

syslog/CiscoLog  is full of the following messages:

ClusterMgr message integrity check error. ClusterMgr has received a message which has failed a

message integrity check. This can be an indication that another node in the cluster is configured with the

wrong security password.

I've reset the security password but still get the same result.  Also notice that the messaging service isn't starting.  Get an alarm stating Cisco messaging interface has failed to start.

Also 'show tech network host' only shows the pub in /etc/hosts.  If I look at the CCMAdmin it's listed in servers.  Is there a way to edit /etc/hosts?

Is the security password referenced by 'set password user security' and the 'pwrecovery' user the same?

I use the pwrecovery / pwreset to set it to 'xxxxxxxx' .  If I then try to use 'set password user security' it balks and says the old pw doesn't match.

Looked at syslog/securitylog.txt on the publisher it had this message in it:

I searched the forum, cisco.com and the entire internet for 'CLIM_DENY','exceded the specified rate limit of 100 connections' but found nothing.

I'm still at it... Haven't given up yet!  I've tried all sorts of things but still end up with the same error.

I tried changing the link aggregation method for the etherchannel from PAGP (Cisco propiertary 802.2ad) to LAGP (IEEE 802.3ad) (yeah I'm desparate).

Putting the pub and sub in the same vlan on the same vswitch didn't make a difference either. 

I did a capture on the portchannel but I'm thinking it's actually not showing the traffic that is taking place on the virtual switch itself between the VM's.  Reason why is;  It definitely shows that the sub and pub are talking but the sequences are way out of whack resulting in TCP retransmissions and Duplicate acknowledgements.  I'm guessing that some of the packets are going directly between the vm's and some aren't?  If that's so what's causing it?  Yet pings don't lose a packet to or from either host.

I'm not giving up yet... Learning a lot along the way... It's fun!

I haven't given up on this yet.  No I haven't got it to work.  I've also posted in the VMWare community forum as well and have talked to TAC about it.  Yeah go figure at least they did talk to me.  I was beginning to think I was practicing black magic or something ha just joking mates don't take it too seriously.  Still no idea why this is failing.  This isn't production and I'm spending way too much time on it but I'm stubborn as they come.  Learning a whole lot along the way.