I am demoing the Defender SA201 Adapters and am having some difficulty working with the Defender Appliance. When I first started with XCA and the Defender Appliance a few months back, I had no issue creating a role in XCA, and that role then showed up in the appliance.
After about a day of this working fine, the appliance seemed to reset (it had me complete the setup wizard again the next time I logged in) and now whenever I create a role in XCA it doesn’t show up in the appliance. Only the default ‘DFNDR_DenyAll” and “DFNDR_PolicyGeneration” show up no matter what I do.
I created a test role and added it to the same two profiles that the aforementioned roles are a part of but this did not resolve the issue.
I am also having an issue where I have a laptop connected to the adapter, it is using ‘Role_1’ because I assigned it as the default for the network but the device does not show up under the protected device list in the Defender Application. It does however show up as a client in XCA.
I would say that nothing I do in XCA changes anything on the Defender Application side, but that is not true. I can adjust the default deny all role to allow traffic and that change will show up in the app, I can add Defender adapters and assign them to a site and they will show up in the app. For some reason the roles I create or preexisting ones I add to profiles, and the end clients attached to the adapters don’t show up in the app.
I have tried removing the application and installing a newer release, and continued to encounter the same problems. Perhaps I am just misunderstanding the relationship between certain components, but there was a point where role creation worked fine for me, and then all of a sudden it did not.
I am using XCA 04.36.03.0006 and Defender Appliance v03.21.06 in case that affects anything.
Any input would be greatly appreciated, and I will gladly clear up any vague/confusing points in the above wall of text.
Best answer by Rodney Lacroix
You will notice all default Defender roles begin “DFNDR.” Any role you want to be recognized by the Defender container that you make in either the XCA or XMC GUI must begin with DFNDR for the app to recognize it.