Troubleshoot an Airwall Gateway's connection to the Conductor
Some basic steps to troubleshoot basic connectivity issues between an online Airwall Gateway and the Conductor.
Requirements
- Connected to the Conductor – If you have not, see Configure an Airwall Gateway with the airsh Setup Wizard.
- Online – If the Airwall Gateway is offline, check that it is powered on, or see Troubleshoot Initial Airwall Gateway connections.
Check connectivity
- On the page for the Airwall Gateway, go to .
- Select Ping all devices.
-
If the test fails, this could mean ICMP (Internet Control Message Protocol)
packets are blocked by the firewall, or that there is not an active
connection between the Airwall Gateway and devices connected to it.
Note: Airwall Agents and Servers that are not currently running will not show up.
Run a trace route
- On the page for the Airwall Gateway, go to .
- Scroll down to Traceroute and enter the IP address of the device you want to test.
- Choose the interface, and select Traceroute.
- Check the result to see whether UDP 10500 can traverse your network or is blocked by the firewall.
- If it is blocked, unblock UDP 10500 on your firewall.
Check secure tunnels
- On the page for the Airwall Gateway, go to .
- Select Check secure tunnels.
- Review the result to see if your tunnels are forming.
Capture networking data
- On the page for the Airwall Gateway, go to .
- Select Start a Packet capture, and enter the options for the issue you're having.
- Try to do what you are having issues with, then return and select Stop packet capture.
- When the Conductor is finished processing the packet capture, select Download and view the packet capture (PCAP) file to analyze HIP and other relevant network traffic.
Create a diagnostic report
- On the page for the Airwall Gateway, go to .
- Under Airwall Gateway diagnostic report, select Request a diagnostic report. The Conductor generates a report.
- Click Download and review the report for information that can help with troubleshooting.