Troubleshoot connectivity test failures
If you ran a connectivity test, this table includes solutions for areas where the connectivity test reported failures. To confirm the overall status of the security connector, see Security Connector status.
Solutions for connectivity test failures
| Failed connectivity test check | Solution |
|---|---|
| Management interface is up | Verify that you entered valid network settings for the en2 interface (formerly the management interface). The current settings for the security connector are shown when you access the main menu, the network menu, and the diagnostics menu. To change the en2 interface settings, see Configure the en2 interface. |
| Data interface is up | Verify that you entered valid network settings for the en1 interface (formerly the data interface). The current settings for the security connector are shown when you access the main menu, the network menu, and the diagnostics menu. To change the en1 interface settings, see Configure the en1 interface. |
| Domain Name Resolution for Akamai Management Gateway | Confirm the settings for the DNS name servers. If you configured DHCP and are using the populated network settings, review the settings for the en1 and en2 interfaces. To change the settings associated with the DNS name servers, see Configure DNS name servers. |
| Domain Name Resolution for SIA CAS service | Confirm the settings for the DNS name servers. If you configured DHCP and are using the populated network settings, review the settings for the en1 and en2 interfaces. To change the settings associated with the DNS name servers, see Configure DNS name servers. |
| Domain Name Resolution for CSI Log Push service | Confirm the settings for the DNS name servers. If you configured DHCP and are using the populated network settings, review the settings for the en1 and en2 interfaces. To change the settings associated with the DNS name servers, see Configure DNS name servers. |
| Domain Name Resolution for Akamai Software Repository | Confirm the settings for the DNS name servers. If you configured DHCP and are using the populated network settings, review the settings for the en1 and en2 interfaces. To change the settings associated with the DNS name servers, see Configure DNS name servers. |
| Domain Name Resolution for Akamai DoT Cloud | Confirm the settings for the DNS name servers. If you configured DHCP and are using the populated network settings, review the settings for the en1 and en2 interfaces. To change the settings associated with the DNS name servers, see Configure DNS name servers. |
| Cert Validation for Akamai Management Gateway | If certificate validation fails while the TCP operations pass, an on-premises web proxy may interfere with the validation. If your network has a web proxy, make sure that you configure it to bypass the IP address of the en2 interface or the domains of the Akamai Management Gateway (AMG), CAS, and CSI services. To find the domains of the AMG, CAS, and CSI services, see View debug information. |
| Cert Validation for SIA CAS service | If certificate validation fails while the TCP operations pass, an on-premises web proxy may interfere with the validation. If your network has a web proxy, make sure that you configure it to bypass the IP address of the en2 interface or the domains of the AMG, CAS, and CSI services. To find the domains of the AMG, CAS, and CSI services, see View debug information. |
| Cert Validation for CSI Log Push Service | If certificate validation fails while the TCP operations pass, an on-premises web proxy may interfere with the validation. If your network has a web proxy, make sure that you configure it to bypass the IP address of the en2 interface or the domains of the AMG, CAS, and CSI services. To find the domains of the AMG, CAS, and CSI services, see View debug information. |
| Cert Validation for Akamai DoT Cloud | If certificate validation fails while the TCP operations pass, an on-premises web proxy may interfere with the validation. If your network has a web proxy, make sure that you configure it to bypass the IP address of the en2 interface or the domains of the AMG, CAS, and CSI services. To find the domains of the AMG, CAS, and CSI services, see View debug information. |
| TCP Connectivity to Akamai Management Gateway | TCP connectivity issues are likely related to your firewall configuration. Confirm that your organization's firewall allows traffic on TCP port 443 or 853 and UDP port 123. If the TCP failures are not resolved, confirm the network settings of the en1 and en2 interfaces and the DNS name servers. Note: The port number depends on the port that you configured for DoT in Security Connector. |
| TCP Connectivity to SIA CAS Service | TCP connectivity issues are likely related to your firewall configuration. Confirm that your organization's firewall allows traffic on TCP port 443 or 853 and UDP port 123. If the TCP failures are not resolved, confirm the network settings of the en1 and en2 interfaces and the DNS name servers. Note: The port number depends on the port that you configured for DoT in Security Connector. |
| TCP Connectivity to CSI Log Push Service | TCP connectivity issues are likely related to your firewall configuration. Confirm that your organization's firewall allows traffic on TCP port 443 or 853 and UDP port 123. If the TCP failures are not resolved, confirm the network settings of the en1 and en2 interfaces and the DNS name servers. Note: The port number depends on the port that you configured for DoT in Security Connector. |
| TCP Connectivity to Akamai Software Repository | TCP connectivity issues are likely related to your firewall configuration. Confirm that your organization's firewall allows traffic on TCP port 443 or 853 and UDP port 123. If the TCP failures are not resolved, confirm the network settings of the en1 and en2 interfaces and the DNS name servers. Note: The port number depends on the port that you configured for DoT in Security Connector. |
| TCP Connectivity to Akamai DoT Cloud | TCP connectivity issues are likely related to your firewall configuration. Confirm that your organization's firewall allows traffic on TCP port 443 or 853 and UDP port 123. If the TCP failures are not resolved, confirm the network settings of the en1 and en2 interfaces and the DNS name servers. Note: The port number depends on the port that you configured for DoT in Security Connector. |
Updated over 2 years ago