Troubleshooting helps you resolve common problems in the Engine and Secure SD-WAN Manager.
Some common alert and log messages that you might see in the Logs view are useful for troubleshooting.
Log messages provide useful information for troubleshooting.
This online help was created for Secure SD-WAN Manager, version 6.10.100.0.
Before setting up FlexEdge Secure SD-WAN, it is useful to know what the different components do and what engine roles are available.
Before you can set up the system and start configuring elements, you must consider how the different Secure SD-WAN Manager components should be positioned and deployed.
After deploying the Secure SD-WAN Manager components, you are ready to start using the Management Client and carrying out some of the first configuration tasks.
You can use the Secure SD-WAN Manager to monitor system components and third-party devices. You can also view and filter logs, and create Reports from them.
You can command and set options for engines through the Management Client or on the engine command line. You can also stop traffic manually.
Secure SD-WAN Manager configuration allows you to customize how the Secure SD-WAN Manager components work.
You can create and modify Firewalls, IPS engines, Layer 2 Firewalls, Master Engines and Virtual Engines. You can configure the Engine properties, activate optional features, and configure advanced Engine settings.
Use the Management Client to configure static or dynamic routing, and use a Multi-Link configuration to manage and distribute inbound and outbound connections.
Policies are key elements that contain rules for allowing or blocking network traffic and inspecting the content of traffic.
User accounts are stored in internal databases or external directory servers. You can use Engine in the Firewall/VPN role or external authentication servers to authenticate users.
Engine supports both policy-based and route-based VPN (virtual private network) tunnels between VPN gateways. For full remote access, Engine supports both IPsec and SSL VPN tunnels for VPN clients.
Maintenance includes procedures that you do not typically need to do frequently.
General troubleshooting tips help you troubleshoot situations that are not covered by more specific troubleshooting topics.
There are several common problems and solutions related to accounts and passwords.
Alert log messages provide useful information for troubleshooting.
Logs might contain the message “connection closed abnormally” if the connection closing does not occur in the expected order of a normal TCP connection.
The “Connection removed during connection setup” message in logs notifies you that a connection was abnormally cut during the TCP connection setup phase because of an RST (reset) sent by one of the communicating parties.
Logs that contain “connection state might be too large” messages indicate problems with synchronizing state information between nodes in a Firewall Cluster.
Connection timeout log messages are generated for inactive connections that the Firewall clears out from its connection tracking table.
Logs that contain “incomplete connection closed” messages indicate that a Firewall determined that a connection was unsuccessful and removed it from its records.
Logs that contain NAT balance messages indicate that connections were dropped when the Firewall tried to forward the connections after applying NAT.
Logs that contain “Not a Valid SYN Packet” messages indicate that packets were discarded due to connection tracking.
Logs that contain “Requested NAT cannot be done” error messages can indicate problems with dynamic NAT or Server Pools.
Error messages provide useful information for troubleshooting.
There are several common errors and problems that are directly related to the operation of Firewalls, IPS engines, and Layer 2 Firewalls.
Licenses are a proof of purchase used for ensuring that your organization is a legal license holder of the software.
There are some common problems you might encounter when viewing logs or performing tasks related to the log files.
There are several general problems that you might encounter when using the Management Client.
There are some common problems you might encounter with NAT.
There are some common problems you might encounter when working with policies and the rules that they contain.
There are some common problems that you might encounter when generating reports from raw statistical and log data stored on the Log Server.
There are some common problems that you might encounter when upgrading Secure SD-WAN Manager components.
There are some common problems that you might encounter when creating and managing VPNs.