Wireless Access

Contributor I

Firewall logs and troubleshooting

This seems like it should be straightforward; but I'm calling on the experts to help!


I've got a user trying to get onto our captive-portal-protected guest network. He's running into issues verifying the HTTPS page's certificate. I believe it has to do with his client not being able to get to an OCSP address. I'd like to see what's getting blocked by the PEF, but I'm not sure the best way to go about it. I've used the WebUI before, but that's not the greatest method; you have to check it at just the right time to catch the problem in action. Surely there must be a way to get better detail via the CLI... ("There is...and stop calling me Shirley")


So experts, how do you troubleshoot PEF blocks quickly? I have an AirWave that I'm not sure how to use either, if that helps.



Guru Elite

Re: Firewall logs and troubleshooting

1.  Find out the user's ip address

2.  While the user is having the issue, type "show datapath session table <ip address of user>" to see what is being requested

3.  Any traffic to port 80 ot 443, do an nslookup to that destination ip address to see what it resolves to, to determine if it is an OCSP issue.

*Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.*
ArubaOS 8.3 User Guide
InstantOS 8.3 User Guide
Airheads Knowledgebase
Airheads Learning Videos
Search Airheads
Showing results for 
Search instead for 
Did you mean: