Hello, I’m testing out HCP Consul with the intent of using some non-AWS Consul clients. During provisioning of the Consul cluster I made sure to check the box to allow external access to the cluster and I’ve verified tcp/8300 as open/filtered with nmap.
Using the client config from the portal I’m unable to join clients. The journalctl output looks like this:
Jun 18 20:46:56 consul[69754]: 2021-06-18T20:46:56.432-0600 [ERROR] agent.auto_config: AutoEncrypt.Sign RPC failed: addr=:8300 error="rpcinsecure error establishing connection: dial tcp -> :8300: i/o timeout"
Jun 18 20:46:56 consul[69754]: 2021-06-18T20:46:56.432-0600 [ERROR] agent.auto_config: No servers successfully responded to the auto-encrypt request
I tried with the default retry_join setting downloaded from the portal, and when that did not succeed, I changed from the private DNS name (172.x.x.x) for the cluster to the public DNS name (54.x.x.x). The end result was the same.
I notice that the CN embedded in the CA.pem is neither the public nor the private name but I’m not sure that would matter.
Any thoughts? Thanks!