Content Gateway alarm messages

The following table describes alarm messages that you may see in the Content Gateway manager.

Message Description/Solution
The Content Gateway subscription has expired. Please refer to the Knowledge base article 33797.
Content Gateway subscription download failed. Content Gateway was unable to connect to the download server to verify the subscription information. Please check your connection to the download server.
After several attempts, Content Gateway failed to connect to the Database Download Service. Please troubleshoot the connection. Verify that Content Gateway is able to access the Internet. Check firewall and upstream proxy server settings that might prevent Content Gateway from connecting to the download server.
After several attempts, Content Gateway failed to connect to the Policy Server. Please troubleshoot the connection. Verify that there is network connectivity between Content Gateway and the Policy Server machine. Sometimes firewall settings block connectivity. Also confirm that Policy Server is running.
After several attempts, Content Gateway failed to connect to the Policy Broker. Please troubleshoot the connection. Verify that there is network connectivity between Content Gateway and Policy Broker. Sometimes firewall settings block connectivity. Also confirm that Policy Broker is running.
After several attempts, Content Gateway failed to connect to Filtering Service. Please troubleshoot the connection. Please refer to the Knowledge base article 41457. Verify that there is network connectivity between Content Gateway and the Filtering Service machine. Sometimes firewall settings block connectivity. Also confirm that Filtering Service is running.
Communication with the analytics engine has failed. Please restart Content Gateway. Restart Content Gateway.
SSL decryption has been disabled due to an internal error, please restart Content Gateway. There was a fatal error in SSL Support. Please restart Content Gateway.
[Rollback::Rollback] Config file is read-only: filename Go to the Content Gateway config directory (default location is /opt/WCG/config) and check the indicated file permissions; change them if necessary.
[Rollback::Rollback] Unable to read or write config file filename Go to the Content Gateway config directory and make sure the indicated file exists. Check its permissions and change them if necessary.
[Content Gateway Manager] Configuration File Update Failed error_number Go to the Content Gateway config directory and check the indicated file permissions; change them if necessary.
Access logging suspended - configured space allocation exhausted. The space allocated to the event log files is full. You must either increase the space or delete some log files to enable access logging to continue. To prevent this from happening, consider rolling log files more frequently and enabling the autodelete feature. See Rolling event log files.
Access logging suspended - no more space on the logging partition. The entire partition containing the event logs is full. You must delete or move some log files to enable access logging to continue. To prevent this from happening, consider rolling log files more frequently and enabling the autodelete feature. See Rolling event log files.
Created zero length place holder for config file filename Go to the Content Gateway config directory and check the indicated file. If it is indeed zero in length, use a backup copy of the configuration file.
Content Gateway can’t open filename for reading custom formats Make sure that the proxy.config.log2.config_file variable in the records.config file contains the correct path to the custom log configuration file (the default is logging/logs.config).
Content Gateway could not open logfile filename Check permissions for the indicated file and the logging directory.
Content Gateway failed to parse line line_number of the logging config file filename Check your custom log configuration file. There may be syntax errors. See Custom logging fields for correct custom log format fields.
vip_config binary is not setuid root, manager will be unable to enable virtual ip addresses The content_manager process is not able to set virtual IP addresses. You must setuid root for the vip_config file in the Content Gateway bin directory.
Content Gateway cannot parse the ICAP URI. Please ensure that the URI is entered correctly in Content Gateway Manager or in the proxy.config.icap.ICAPUri configuration variable.

The Universal Resource Identifier (URI) is not in the correct format. Enter the URI as follows:

icap://hostname:port/path

See Working With Web DLP for additional details on the format of the URI.
The specified ICAP server does not have a DNS entry. Please ensure that a valid DSS hostname is entered correctly in Content Gateway Manager or in the proxy.config.icap.ICAPUri configuration variable.

The hostname in the records.config file does not match any entries in the DNS. Ensure that the name of a valid Forcepoint DLP server is entered correctly in the Content Gateway manager.

See Working With Web DLP for information about the format of the URI.
Content Gateway is not able to communicate with the DSS server. Please try again. Ensure that the Forcepoint management server is up and running, and accepting connections on the port specified in the proxy.config.icap.ICAPUri variable. Contact your Forcepoint DLP administrator if this message persists.
Domain controller domain_controller_name:port is down. The named NTLM domain controller is not responding to requests and has been marked as down. Investigation the status of the domain controller.
Windows domain [domain name] unreachable or bad membership status

This alarm can indicate any of the following:

  1. The Active Directory is unreachable. The AD server is either down or there is a network connectivity problem.
  2. The AD is reachable, but there is a configuration problem that prevents it from communicating with Content Gateway. For example, the alarm is generated if the AD has multiple Sites and the subnet that Content Gateway resides on has not been added to one of them.
The Scanning Data Files Update option (My Proxy > Subscription) is set to ‘suspend updates’. To get the best protection, set it to ‘no delay’, or, on a backup system, use a time- based option.

This alarm is a reminder that downloads of the security scanning data files used by Content Gateway analysis has been suspended.

It is recommended that you not clear this alarm until the delay time has been reset.

Port Mirroring cannot work unless SSL decryption is enabled also.

Please enable SSL decryption (HTTPS) if you want to use the Port Mirroring feature.

(Appliance deployments only)

Ensure the SSL decryption (HTTPS) is enabled before attempting to use Port Mirroring.
The mirror interface <int> cannot be connected for Port Mirroring. Please check the interface configuration or edit the interface value.

(Appliance deployments only)

The interface configured for Port Mirroring is not valid, is not active, or requires configuration.
An unexpected error has occurred with the Office365 Bypass feature. Please refer to the Knowledge base article 36961. A processing error has occurred and requests to Office 365 products may not be bypassing authentication or the proxy. Technical Support assistance is required to correct the problem.
An error message has occurred when you exceeded the 1000 concurrent connection limit Please refer to the Knowledge base article 41458.