Troubleshooting helps you resolve common problems in the Forcepoint NGFW and SMC.
Some common alert and log messages that you might see in the Logs view are useful for troubleshooting.
Log messages provide useful information for troubleshooting.
This online help was created for Forcepoint Next Generation Firewall (Forcepoint NGFW), version 7.0.0.
Before setting up Forcepoint Next Generation Firewall (Forcepoint NGFW), it is useful to know what the different components do and what engine roles are available.
Before you can set up the system and start configuring elements, you must consider how the different SMC components should be positioned and deployed.
After deploying the SMC components, you are ready to start using the Management Client and carrying out some of the first configuration tasks.
You can use the SMC to monitor system components and third-party devices. You can also view and filter logs, and create Reports from them.
You can command and set options for engines through the Management Client or on the engine command line. You can also stop traffic manually.
Security Management Center (SMC) configuration allows you to customize how the SMC components work.
You can create and modify Firewalls, IPS engines, Layer 2 Firewalls, Master NGFW Engines and Virtual NGFW Engines. You can configure the NGFW Engine properties, activate optional features, and configure advanced NGFW Engine settings.
Use the Management Client to configure static or dynamic routing, and use a Multi-Link configuration to manage and distribute inbound and outbound connections.
Policies are key elements that contain rules for allowing or blocking network traffic and inspecting the content of traffic.
User accounts are stored in internal databases or external directory servers. You can use Forcepoint NGFW in the Firewall/VPN role or external authentication servers to authenticate users.
Forcepoint NGFW supports both policy-based and route-based VPN (virtual private network) tunnels between VPN gateways. For full remote access, Forcepoint NGFW supports both IPsec and SSL VPN tunnels for VPN clients.
Maintenance includes procedures that you do not typically need to do frequently.
General troubleshooting tips help you troubleshoot situations that are not covered by more specific troubleshooting topics.
There are several common problems and solutions related to Administrator accounts and passwords.
Alert log messages provide useful information for troubleshooting.
Logs might contain the message “connection closed abnormally” if the connection closing does not occur in the expected order of a normal TCP connection.
The “Connection removed during connection setup” message in logs notifies you that a connection was abnormally cut during the TCP connection setup phase because of an RST (reset) sent by one of the communicating parties.
Logs that contain “connection state might be too large” messages indicate problems with synchronizing state information between nodes in a Firewall Cluster.
Connection timeout log messages are generated for inactive connections that the Firewall clears out from its connection tracking table.
Logs that contain “incomplete connection closed” messages indicate that a Firewall determined that a connection was unsuccessful and removed it from its records.
Logs that contain NAT balance messages indicate that connections were dropped when the Firewall tried to forward the connections after applying NAT.
Logs that contain “Not a Valid SYN Packet” messages indicate that packets were discarded due to connection tracking.
Logs that contain “Requested NAT cannot be done” error messages can indicate problems with dynamic NAT or Server Pools.
Error messages provide useful information for troubleshooting.
There are several common errors and problems that are directly related to the operation of Firewalls, IPS engines, and Layer 2 Firewalls.
Licenses are a proof of purchase used for ensuring that your organization is a legal license holder of the software.
There are some common problems you might encounter when viewing logs or performing tasks related to the log files.
There are several general problems that you might encounter when using the Management Client.
There are some common problems you might encounter with NAT.
There are some common problems you might encounter when working with policies and the rules that they contain.
There are some common problems that you might encounter when generating reports from raw statistical and log data stored on the Log Server.
There are some common problems that you might encounter when upgrading SMC components.
There are some common problems that you might encounter when creating and managing VPNs.