Wireless Access

last person joined: 11 hours ago 

Access network design for branch, remote, outdoor, and campus locations with HPE Aruba Networking access points and mobility controllers.
Back to discussions
Expand all | Collapse all

Firewall logs and troubleshooting

This thread has been viewed 4 times

  • 1.  Firewall logs and troubleshooting

    Posted Jan 05, 2012 08:40 AM

    This seems like it should be straightforward; but I'm calling on the experts to help!

     

    I've got a user trying to get onto our captive-portal-protected guest network. He's running into issues verifying the HTTPS page's certificate. I believe it has to do with his client not being able to get to an OCSP address. I'd like to see what's getting blocked by the PEF, but I'm not sure the best way to go about it. I've used the WebUI before, but that's not the greatest method; you have to check it at just the right time to catch the problem in action. Surely there must be a way to get better detail via the CLI... ("There is...and stop calling me Shirley")

     

    So experts, how do you troubleshoot PEF blocks quickly? I have an AirWave that I'm not sure how to use either, if that helps.

     

    Thanks!



  • 2.  RE: Firewall logs and troubleshooting

    EMPLOYEE
    Posted Jan 05, 2012 08:44 AM

    1.  Find out the user's ip address

    2.  While the user is having the issue, type "show datapath session table <ip address of user>" to see what is being requested

    3.  Any traffic to port 80 ot 443, do an nslookup to that destination ip address to see what it resolves to, to determine if it is an OCSP issue.