DPM 2016 supported algorithm? RRS feed

  • Question

  • Hello Everyone,

    I am currently attempting to migrate from DPM 2012 R2 to 2016. My DPM servers are in the same subnet, with the same access and paths to client VMs.

    I have 6 protected servers on my 2016 machine that I've successfully migrated over. They are a mixture of 2008R2 and 2012R2 servers. I've attempted to move one more and I've encountered the following error:

    "The client and server cannot communicate because they do not share a common algorithm".

    I've forcefully enabled TLS 1.0, TLS 1.1 & TLS 1.2 with legacy cipher suites on the 2016 DPM server, however no luck on that front. Considering I can protect existing 2012R2 & 2008R2 servers, I'm stumped.

    Key notes:

    • Each protected server is using certificate based protection as they are DMZ machines
    • Each server is using certs from the same CA with the same template and the same CRL
    • Only one server fails to work
    • The server that fails appears with "OK" in the agent management tab. I can also add databases to be protected in a protection group. I cannot run jobs successfully

    Has anyone had this with 2016? I'm almost ready to bin 2016 completely as it has a few other problems which I'm still trying to work though (cannot backup databases due to a keep alive error, but 2012R2 works fine)

    Saturday, August 26, 2017 5:45 AM

All replies

  • Anyone find a solution to this? When I use the IIS crypto tool to enable the right protocols I break every job due to a session timeout issue

    • Proposed as answer by Vasile Untila Thursday, November 16, 2017 4:03 PM
    • Unproposed as answer by Vasile Untila Thursday, November 16, 2017 4:03 PM
    Tuesday, September 5, 2017 12:01 AM
  • We had the save problem and was solved with activation of NULL Ciphers on client and server, then you need to restart the DPM services on both:

    Thursday, November 16, 2017 4:07 PM