Error: Could not connect to the JSS. Status – 503

Standard

This weekend our firewalls were replaced with us moving from one vendor to another. This took a little longer than required due to some issues with rules & inside outside definitions, but my colleague was more than up to the challenge.

This change  required our VPN config profile to be re-pushed, it seemed to work. But further testing revealed we had an issue.

We have a simple cluster for our JSS with one server “cloud” accessible in the DMZ & another on our WAN that is our master JSS, post firewall change I checked:

  • Cluster was being seen within JSS.
  • External JSS was contactable.
  • Clients could enrol & get Config Profiles.
  • DMZ could telnet Master JSS on port 3306 for MySQL.
  • Both DMZ & Master JSS Macs could telnet the 3 addresses below on the ports given (from this Apple Tech Note).

telnet 1-courier.push.apple.com 5223
telnet gateway.sandbox.push.apple.com 2195
telnet gateway.push.apple.com 2195

Sadly I didn’t run a Recon externally, if i had i would’ve stumbled over the error:

Could not connect to the JSS. Status – 503

After a fair bit of checking & re-checking, I re-ran the JSS Installer on the DMZ server. This resolved the issue for me.

I’m guessing that as the DMZ lost connection with the Master JSS for a period of time, something had bombed out.

Below is a image of our cluster, to help you visualise our setup. If it happens again, I’ll attempt to delve deeper.

DMZ

One thought on “Error: Could not connect to the JSS. Status – 503

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.