Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 4 Current »

When you experience service-related issues with your BloxOne edges, you can troubleshoot from within the Cloud Services Portal. You can run diagnostic reports for Site-to-Site VPN, Edge Services Firewall, and Edge Services Router. To perform corrective actions and fix issues, you will need to obtain configuration and connectivity data through the service's troubleshooting page.

Depending on your license(s), you might or might not see the following information:

Troubleshooting Site-to-Site VPN

To troubleshoot your BloxOne Site-to-Site VPN, do the following:

  1. Enable Site-to-Site VPN from Manage > On-Prem Hosts, select the on-prem host, click Edit > Applications & Services tab, find the Site-to-Site VPN service, and click the toggle button to show Enabled
    Note that if you do not enable the application, the troubleshooting information does not show up. 
  2. Click Save & Close.
  3. To perform troubleshooting, click the On-Prem Host drop-down menu > Troubleshoot > Site-to-Site VPN Diagnostics.
  4. On the Troubleshoot page, click Run Site-to-Site VPN Diagnostics
  5. A command is sent to the on-prem host to gather the output, which will show up on this page. The following is an example of the output:

  6. To export the diagnostics report as a .txt file, click Download. To return to the On-Prem Hosts page, click Cancel.  
    For more information about the diagnostics output, see the Troubleshooting Field Names table in this topic. 
    For more information about troubleshooting BloxOne products, see Troubleshooting On-Prem Hosts.

Troubleshooting Firewall

To troubleshoot your BloxOne Service Edge firewall, do the following:

  1. Enable Edge Services Firewall from Manage > On-Prem Hosts, select the on-prem host > Edit > Applications & Services tab, find the Edge Services Firewall service, and click the toggle button to show Enabled.
    Note that if you do not enable the application, the troubleshooting information does not show up. 
  2. Click Save & Close.
  3. To perform troubleshooting, click the On-Prem Host drop-down menu > Troubleshoot > Firewall Diagnostics.
  4. On the Troubleshoot page, click Run Firewall Diagnostics
  5. A command is sent to the on-prem host to gather the output, which will show up on this page. The following is an example of the output:

  6. To export the diagnostics report as a .txt file, click Download. To return to the On-Prem Hosts page, click Cancel
    For more information about the diagnostics output, refer to the Troubleshooting Field Names table in this topic. 
    For more information about troubleshooting BloxOne products, see Troubleshooting On-Prem Hosts.

Troubleshooting Routing

To troubleshoot your BloxOne Service Edge routing, do the following:

  1. Enable Edge Services Router from Manage > On-Prem Hosts, select the on-prem host > Edit > Applications & Services tab, find the Edge Services Router service, and click the toggle button to show Enabled.
    Note that if you do not enable the application, the troubleshooting information does not show up. 
  2. Click Save & Close.
  3. To perform troubleshooting, click the On-Prem Host drop-down menu > Troubleshoot > Routing Diagnostics.
  4. On the Troubleshoot page, click Run Routing Diagnostics

  5. To export the diagnostics report as a .txt file, click Download. To return to the On-Prem Hosts page, click Cancel.
    For more information about the diagnostics output, refer to the Troubleshooting Field Names table in this topic. 
    For more information about troubleshooting BloxOne products, see Troubleshooting On-Prem Hosts

Troubleshooting Field Names

Field NameDescription
IPsec connection status

Displays the status of the IPsec connection for all peers that the branch is aware of. You can also determine the state of the IPsec connection for a remote peer. 

IPsec counters

Displays a list of all Internet Key Exchange (IKE) protocol counters. 

IPsec configuration fileDisplays information about the Strongswan Charon configuration setup.
OVSDB

Displays a summary of the Open VSwitch Database (OVSDB) content from the edge.

Edge Service ACL (LAN)

The table contains ACL rules for the following packets:

  • Packets that flow from within a branch to the outside
  • Packets that arrive on tunnel ports and are destined to local subnets within the branch
Edge Service ACL (WAN)Displays packets that flow from the outside of a branch to the inside.
Edge Service DNAT (LAN)Displays rules that map the appropriate DNAT mappings for packets flowing from the inside of the branch to the outside. These will replace the internal LAN based addresses and service ports to WAN addresses and corresponding service ports. 
Edge Service DNAT (WAN)Displays rules for mapping the appropriate DNAT mappings for packets coming from the outside of a branch to the inside. These will replace the external WAN–based addresses and service ports to LAN addresses and corresponding service ports.
Edge Service bridge summaryDisplays contents of your Edge Service bridge.
IP routeUsed to route the packet to the desired destination.
NetstatHelps determine which TCP/UDP ports are open on the edge and the process that owns the socket.
Routing Service BGPDisplays the BGP routing protocol configuration and the runtime state information. Shows the device that did not have BGP enabled where the output was sampled.
RIP protocolDisplays information about the current configuration and the runtime state, such as versioning and hostnames.
  • No labels