Troubleshooting helps you resolve common problems in the Secure SD-WAN and SMC.
Some common alert and log messages that you might see in the Logs view are useful for troubleshooting.
Log messages provide useful information for troubleshooting.
Link to the latest FlexEdge Secure SD-WAN online documentation.
This online help was created for Forcepoint FlexEdge Secure SD-WAN, version 7.2.
Before setting up Forcepoint FlexEdge Secure SD-WAN, it is useful to know what the different components do and what engine roles are available.
Before you can set up the system and start configuring elements, you must consider how the different SMC components should be positioned and deployed.
After deploying the SMC components, you are ready to start using the Management Client and carrying out some of the first configuration tasks.
You can use the SMC to monitor system components and third-party devices. You can also view and filter logs, and create Reports from them.
You can command and set options for engines through the Management Client or on the engine command line. You can also stop traffic manually.
SD-WAN Manager configuration allows you to customize how the SMC components work.
You can create and modify Engines, IPS engines, Layer 2 Engines, Master Engines and Virtual Secure SD-WAN Engines. You can configure the Secure SD-WAN Engine properties, activate optional features, and configure advanced Secure SD-WAN Engine settings.
Use the Management Client to configure static or dynamic routing, and use a Multi-Link configuration to manage and distribute inbound and outbound connections.
Policies are key elements that contain rules for allowing or blocking network traffic and inspecting the content of traffic.
User accounts are stored in internal databases or external directory servers. You can use Secure SD-WAN in the Engine/VPN role or external authentication servers to authenticate users.
Secure SD-WAN supports both policy-based and route-based VPN tunnels between VPN gateways. For full remote access, Secure SD-WAN supports both IPsec and SSL VPN tunnels for VPN clients.
Maintenance includes procedures that you do not typically need to do frequently.
General troubleshooting tips help you troubleshoot situations that are not covered by more specific troubleshooting topics.
There are several common problems and solutions related to Administrator accounts and passwords.
Alert log messages provide useful information for troubleshooting.
Logs might contain the message “connection closed abnormally” if the connection closing does not occur in the expected order of a normal TCP connection.
The “Connection removed during connection setup” message in logs notifies you that a connection was abnormally cut during the TCP connection setup phase because of an RST (reset) sent by one of the communicating parties.
Logs that contain “connection state might be too large” messages indicate problems with synchronizing state information between nodes in a Engine Cluster.
Connection timeout log messages are generated for inactive connections that the Engine clears out from its connection tracking table.
Logs that contain “incomplete connection closed” messages indicate that a Engine determined that a connection was unsuccessful and removed it from its records.
Logs that contain NAT balance messages indicate that connections were dropped when the Engine tried to forward the connections after applying NAT.
Logs that contain “Not a Valid SYN Packet” messages indicate that packets were discarded due to connection tracking.
Logs that contain “Requested NAT cannot be done” error messages can indicate problems with dynamic NAT or Server Pools.
Error messages provide useful information for troubleshooting.
There are several common errors and problems that are directly related to the operation of Engines, IPS engines, and Layer 2 Engines.
Licenses are a proof of purchase used for ensuring that your organization is a legal license holder of the software.
There are some common problems you might encounter when viewing logs or performing tasks related to the log files.
There are several general problems that you might encounter when using the Management Client.
There are some common problems you might encounter with NAT.
There are some common problems you might encounter when working with policies and the rules that they contain.
There are some common problems that you might encounter when generating reports from raw statistical and log data stored on the Log Server.
There are some common problems that you might encounter when upgrading SMC components.
There are some common problems that you might encounter when creating and managing VPNs.