Troubleshoot connectivity test failures

If you ran a connectivity test, this table includes solutions for areas where the connectivity test reported failures. To confirm the overall status of the security connector, see Security Connector status.

Solutions for connectivity test failures

Failed connectivity test check

Solution

Management interface is up

Verify that you entered valid network settings for the en2 interface (formerly the management interface). The current settings for the security connector are shown when you access the main menu, the network menu, and the diagnostics menu. To change the en2 interface settings, see Configure the en2 interface.

Data interface is up

Verify that you entered valid network settings for the en1 interface (formerly the data interface). The current settings for the security connector are shown when you access the main menu, the network menu, and the diagnostics menu. To change the en1 interface settings, see Configure the en1 interface.

Domain Name Resolution for Akamai Management Gateway

Confirm the settings for the DNS name servers.

If you configured DHCP and are using the populated network settings, review the settings for the en1 and en2 interfaces.

To change the settings associated with the DNS name servers, see Configure DNS name servers.

Domain Name Resolution for ETP CAS service

Confirm the settings for the DNS name servers.

If you configured DHCP and are using the populated network settings, review the settings for the en1 and en2 interfaces.

To change the settings associated with the DNS name servers, see Configure DNS name servers.

Domain Name Resolution for CSI Log Push service

Confirm the settings for the DNS name servers.

If you configured DHCP and are using the populated network settings, review the settings for the en1 and en2 interfaces.

To change the settings associated with the DNS name servers, see Configure DNS name servers.

Domain Name Resolution for Akamai Software Repository

Confirm the settings for the DNS name servers.

If you configured DHCP and are using the populated network settings, review the settings for the en1 and en2 interfaces.

To change the settings associated with the DNS name servers, see Configure DNS name servers.

Domain Name Resolution for Akamai DoT Cloud

Confirm the settings for the DNS name servers.

If you configured DHCP and are using the populated network settings, review the settings for the en1 and en2 interfaces.

To change the settings associated with the DNS name servers, see Configure DNS name servers.

Cert Validation for Akamai Management Gateway

If certificate validation fails while the TCP operations pass, an on-premises web proxy may interfere with the validation. If your network has a web proxy, make sure that you configure it to bypass the IP address of the en2 interface or the domains of the Akamai Management Gateway (AMG), CAS, and CSI services.

To find the domains of the AMG, CAS, and CSI services, see View debug information.

Cert Validation for ETP CAS service

If certificate validation fails while the TCP operations pass, an on-premises web proxy may interfere with the validation. If your network has a web proxy, make sure that you configure it to bypass the IP address of the en2 interface or the domains of the AMG, CAS, and CSI services.

To find the domains of the AMG, CAS, and CSI services, see View debug information.

Cert Validation for CSI Log Push Service

If certificate validation fails while the TCP operations pass, an on-premises web proxy may interfere with the validation. If your network has a web proxy, make sure that you configure it to bypass the IP address of the en2 interface or the domains of the AMG, CAS, and CSI services.

To find the domains of the AMG, CAS, and CSI services, see View debug information.

Cert Validation for Akamai DoT Cloud

If certificate validation fails while the TCP operations pass, an on-premises web proxy may interfere with the validation. If your network has a web proxy, make sure that you configure it to bypass the IP address of the en2 interface or the domains of the AMG, CAS, and CSI services.

To find the domains of the AMG, CAS, and CSI services, see View debug information.

TCP Connectivity to Akamai Management Gateway

TCP connectivity issues are likely related to your firewall configuration. Confirm that your organization's firewall allows traffic on TCP port 443 or 853 and UDP port 123. If the TCP failures are not resolved, confirm the network settings of the en1 and en2 interfaces and the DNS name servers.

Note: The port number depends on the port that you configured for DoT in Security Connector.

TCP Connectivity to ETP CAS Service

TCP connectivity issues are likely related to your firewall configuration. Confirm that your organization's firewall allows traffic on TCP port 443 or 853 and UDP port 123. If the TCP failures are not resolved, confirm the network settings of the en1 and en2 interfaces and the DNS name servers.

Note: The port number depends on the port that you configured for DoT in Security Connector.

TCP Connectivity to CSI Log Push Service

TCP connectivity issues are likely related to your firewall configuration. Confirm that your organization's firewall allows traffic on TCP port 443 or 853 and UDP port 123. If the TCP failures are not resolved, confirm the network settings of the en1 and en2 interfaces and the DNS name servers.

Note: The port number depends on the port that you configured for DoT in Security Connector.

TCP Connectivity to Akamai Software Repository

TCP connectivity issues are likely related to your firewall configuration. Confirm that your organization's firewall allows traffic on TCP port 443 or 853 and UDP port 123. If the TCP failures are not resolved, confirm the network settings of the en1 and en2 interfaces and the DNS name servers.

Note: The port number depends on the port that you configured for DoT in Security Connector.

TCP Connectivity to Akamai DoT Cloud

TCP connectivity issues are likely related to your firewall configuration. Confirm that your organization's firewall allows traffic on TCP port 443 or 853 and UDP port 123. If the TCP failures are not resolved, confirm the network settings of the en1 and en2 interfaces and the DNS name servers.

Note: The port number depends on the port that you configured for DoT in Security Connector.


Did this page help you?