Hi, I am struggling with cross-domain/forest Hyper-V replication using certificates. I am trying to replicate a VM from a standalone host to a cluster, via a broker resource. I believe the certificates are all correct and installed on all servers correctly and all firewall rules are configured correctly. The standalone server and cluster hosts are in different AD forests and logical networks (again, all upstream firewall rules are in place for ports 135, 80, 443 and 4000).
I can replicate from the cluster to the standalone server on port 443, so I assume that confirms the certificates are OK. I cannot, however, get replication working in the opposite direction, from the standalone host to the cluster broker.
The error I get on the standalone server (replica source) is:
Hyper-V cannot connect to the specified Replica server '<FQDN of one of the cluster hosts>'. Error: A connection with the server could not be established (0x00002EFD). Verify that the specified server is enabled as a Replica server, allows inbound connection on port '4000', and supports the same authentication scheme.
*Please note that when configuring replication I enter the FQDN of the broker, and sometimes the above error reflects the broker FQDN and sometimes the host node FQDNs.
**I have tried port 4000 and port 443 and confirmed the host nodes are listening and the port is open - both ways - from standalone server to cluster nodes.
The error shown on the cluster nodes (destination) is:
'Hyper-V Replica Broker <broker FQDN>' failed to start the network listener on destination node '<hostname of cluster node>': The certificate's CN name does not match the passed value. (0x800B010F). Please look at the event log on destination node for more details.
I have created the certificates using the broker FQDN and I use the broker FQDN when setting up replication on the standalone server. I am using local host file entries to achieve DNS resolution since they are different domains and networks.
I would appreciate any advice or suggestions.