Wireless Access

Reply
Contributor I
Posts: 34
Registered: ‎04-27-2009

Firewall logs and troubleshooting

This seems like it should be straightforward; but I'm calling on the experts to help!

 

I've got a user trying to get onto our captive-portal-protected guest network. He's running into issues verifying the HTTPS page's certificate. I believe it has to do with his client not being able to get to an OCSP address. I'd like to see what's getting blocked by the PEF, but I'm not sure the best way to go about it. I've used the WebUI before, but that's not the greatest method; you have to check it at just the right time to catch the problem in action. Surely there must be a way to get better detail via the CLI... ("There is...and stop calling me Shirley")

 

So experts, how do you troubleshoot PEF blocks quickly? I have an AirWave that I'm not sure how to use either, if that helps.

 

Thanks!

Guru Elite
Posts: 21,492
Registered: ‎03-29-2007

Re: Firewall logs and troubleshooting

1.  Find out the user's ip address

2.  While the user is having the issue, type "show datapath session table <ip address of user>" to see what is being requested

3.  Any traffic to port 80 ot 443, do an nslookup to that destination ip address to see what it resolves to, to determine if it is an OCSP issue.



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Search Airheads
Showing results for 
Search instead for 
Did you mean: