cancel
Showing results for 
Search instead for 
Did you mean: 
Reply
Highlighted
Frequent Visitor

On-Premises Gateway and TLS

Hi All,

 

We have a strange issue which has occurred on our Gateway servers.  

 

We have 2 servers (in separate data centers) which are configured in a cluster, I'll call them G1 and G2 for simplicity.

 

Recently, G1 was patched for a security flaw and the TLS1.0 protocol was still disabled. Since then, only some of the connections are failing. Each of the connections show this info

 

Unable to connect: This data source cannot connect to any gateway instances of the cluster. Please find more details below about specific errors for each gateway instance.Hide details

Activity ID:

4bc88e44-4fe0-43f7-8ab2-7679cc8xxxxx

Request ID:

44db3294-f78a-0134-94e0-1e67a78xxxxx

Cluster URI:

https://wabi-us-north-central-redirect.analysis.windows.net

Status code:

 

Time:

Tue Jul 16 2019 09:12:04 GMT+0100 (Irish Standard Time)

Version:

13.0.9933.297

 

GATEWAY:

We reached the data gateway, but the gateway can't access the on-premises data source.

 

This definitely not related to credentials - because we separately set up the same connection on G2 (which has not been patched as yet ...) and those connections now work fine !

 

I can run tracert from G1 to the hostname of server which the Gateway says it can't reach.

 

It is bizarre as only some of the connections are failing, and the ones that are 

 

How do I check what TLS version on-premises gateway is using (I'm assuming at least TLS1.1 , but probably TLS1.2 ?) or how can I trace what is blocking the Gateway from connecting to the host ? .

 

Our network and OS support folks are adamant it is an "application" issue, but I'm not convinced ! 

 

Anyone else seen similar issues once TLS1.0 is disabled ?

 

3 REPLIES 3
Highlighted
Solution Sage
Solution Sage

Hi @GavinClark ,

Could you please tell us which data source are you using? Based on my understand, you are using PowerBI Gateway connecting to a data source in cluster, one server with TLS enabled while another one not.

Have you checked if you can use other client to connect to this cluster of data source? Based on my experience, if it is SQL Server in a cluster, we may meet problem when one server with TLS while another not, I would suggest you checking the data source end error log. Generally, they will provide related error message. 

Best Regards,

Teige

Highlighted

Hi Teige,

 

Thanks for the reply, yes the majority of them are SQL Server data sources , one of them is an ODBC connection to a Denodo server.

 

Which logs do I need to check - the on-premises gateway log ? ... do I need to enable additional logging on the gateway and what is the specific kind of event I'm looking for in the logs (if you know, will save trawling through it ...)

 

thanks !

Gavin Clark

Highlighted

Hi Teige,

 

sorry , I've just re-read the message, we need to check the logs on the data source (SQL server logs ?? or Windows/Linux event logs or both ?)

 

thanks ! 

Helpful resources

Announcements
Community Conference

Power Platform Community Conference

Check out the on demand sessions that are available now!

Community Conference

Microsoft Power Platform Communities

Check out the Winners!

secondImage

Create an end-to-end data and analytics solution

Learn how Power BI works with the latest Azure data and analytics innovations at the digital event with Microsoft CEO Satya Nadella.

Top Solution Authors