Using logs to troubleshoot login problems
Use SafeLinx Client trace and SafeLinx Server logs to troubleshoot SafeLinx Client login problems.
- On the SafeLinx Client system: C:\Users\Public\Documents. . The trace file is in
- Using the SafeLinx Administrator, configure logging for the SafeLinx Server. Right click on the SafeLinx Server resource in the Left Pane and select Properties. In the SafeLinx Server properties in the Right Pane, select the Logging tab. By default, this log file is wg.log. This file is in /var/adm/ on Linux. On Windows, this file is in the installation directory under the logs directory. The default level of logging is ERROR and WARNING. For troubleshooting purposes set the Log Levels to Debug, Error, Log, Secondary Authentication and Warning log levels, and then click Apply.
- Attempt to log in from the SafeLinx Client.
- Review the SafeLinx Client trace and SafeLinx Server log or Open a Case with HCL Support.
- Link control protocol (LCP) configuration request (SafeLinx Client to SafeLinx Server)
- LCP configuration acknowledge (ACK) (SafeLinx Server to SafeLinx Client)
- LCP configuration request (SafeLinx Server to SafeLinx Client)
- LCP configuration ACK (SafeLinx Client to SafeLinx Server)
The following trace/log excerpts provide additional details. Additional authentication packets follow if secondary authentication (LDAP-bind, RADIUS, or Certificate) is being used. With secondary authentication, the tunnel is established but cannot be used to route traffic until authentication completes.
In the arttrace.txt file, find the SafeLinx Client version. Connecting uplevel clients to an earlier SafeLinx Server is not supported. The SafeLinx Server version can be found by running lswg -V.
ipdriver.cpp,328: Message to core: eMsg_PacketTransmitted, rc=eOK, Default Local IP Interface
(2516.2544)UdpPort.cpp,283: ---> write packet - length = 394 to 27.47.200.168:8894
(2516.2544)
The SafeLinx Server's External IP address is 27.47.200.168 and the SafeLinx Server is listening for the packets on port 8894.
Port.cpp,97: CPort::connect setting bind address to 192.168.0.13 (2516.11960)
Port.cpp,118: Bound to 192.168.0.13:56323 (2516.11960)
Port.cpp,261: CPort::createRoute() dest=27.47.200.168, interface=192.168.0.13,
gateway=192.168.0.1 (2516.11960)
Destination Netmask Gateway Interface Metric
27.47.200.168 255.255.255.255 192.168.0.1 192.168.0.13 10
ALP LCP-Configure Request id=0x01, Outbound
<mru 1472> <magic 0xd341202d> <pcomp> <acomp>
<encrypt AES(256)/CBC> <compress LZW> <VJ-red> <ip-addr>
<subnet mask> <version 800 HCL Technologies/MS Windows 64-bit (03200206)
Windows 7 Professional Edition version 6.1 Service Pack 1 (Build 7601)>
<routes : none> <WLP_TCP> <restricted : none> <userid>
<dns addresses : Primary DNS: Secondary DNS: Domain Name: >
<Diffie-Hellman : Client Public Key= > <WLP Session ID 0x2e3e>
<Network InformationSpeed=1000000000 Network Name=Intel(R) Ethernet Connection I217-LM>
<Build DataBuild Data=1.0.0 20160713_0936_GA> (2516.2544)
WRAPR HEX dump of 1472 bytes starting at address 009F7578: (EB0.994)
0000: C0 21 ...
ALP LCP-Configure Ack id=0x01, Inbound
<mru 1472> <magic 0xd341202d> <pcomp> <acomp>
<encrypt AES(256)/CBC> <compress LZW> <VJ-red> <ip-addr> <subnet mask>
<version 800 HCL Technologies/MS Windows 64-bit (03200206) Windows 7
Professional Edition version 6.1 Service Pack 1 (Build 7601)>
<routes : none> <WLP_TCP> <restricted : none> <userid>
<dns addresses : Primary DNS: Secondary DNS: Domain Name: >
<Diffie-Hellman : Client Public Key=> <WLP Session ID 0x2e3e>
<Network InformationSpeed=1000000000 Network Name=Intel(R) Ethernet
Connection I217-LM>
<Build DataBuild Data=1.0.0 20160713_0936_GA> (2516.10548)
Inbound LCP configuration request (SafeLinx Server to SafeLinx Client).
ALP LCP-Configure Request id=0x01, Inbound
<magic 0x3d6c4324> <pcomp> <encrypt AES(256)/CBC> <compress LZW>
<auth EAP 0x00> <VJ-red> <ip-addr> <subnet mask>
<routes : not listed> <version 800 HCL Technologies/AIX (03200205)> <WLP Session
ID 0x2e3e>
<Transport Profile Compression=FALSE, Balance Fragments=TRUE, Header
Reduction=FALSE, Packet Joining=FALSE, IP Forwarding=TRUE, TCP Opt=FALSE,
Network MTU=1472, IP Stack MTU=1448, TCP Initial RTT=3, TCP ACK Delay=0, WLP
Transmit Delay=0, LCP Echo Interval=0,
TCP Opt TTL=0, TCP Window=0, TCP Burst Rate=0, TCP Max Retransmits=0>
<restricted : > <session key> <Diffie-Hellman : Gateway Public Key=> (2516.10548)
ALP LCP-Configure Ack id=0x01, Outbound
<magic 0x3d6c4324> <pcomp> <encrypt AES(256)/CBC> <compress LZW>
<auth EAP 0x00> <VJ-red> <ip-addr> <subnet mask>
<routes : not listed> <version 800 HCL Technologies/AIX (03200205)> <WLP
Session ID 0x2e3e>
<Transport Profile Compression=FALSE, Balance Fragments=TRUE, Header
Reduction=FALSE, Packet Joining=FALSE, IP Forwarding=TRUE, TCP Opt=FALSE,
Network MTU=1472, IP Stack MTU=1448, TCP Initial RTT=3, TCP ACK Delay=0, WLP
Transmit Delay=0, LCP Echo Interval=0,
TCP Opt TTL=0, TCP Window=0, TCP Burst Rate=0, TCP Max Retransmits=0>
<restricted : > <session key> <Diffie-Hellman : Gateway Public Key> (2516.10548)
ALP PPP-EAP: Request id=0x00, Inbound
<major EXPANDED_EAP> <minor LDAP Bind> <vendor HCL> <PPP_PAP>
<rc=0x00000000>
<version=0x00> <flags R I> <length 15>
<REALM BluepagesAuth> (2516.10548)
01/10/2017 15:05:30:0996 EAP
eap_recv_request: Rcvd id 0. (2516.10548)
DATAMGR Sending secondary authentication to gateway u=17 p=8 (2516.10548)
EAP eap_set_config: enter (2516.10548)
EAP eap_set_config: ALP_EAP_LDAPBIND_LOGIN, (3) ????????mpe@??????h6??t?)5535:??????????????(2516.10548)
EAP eap_send_response: sending Expanded EAP! (2516.10548)
ALP PPP-EAP: Response id=0x00, Outbound
<major EXPANDED_EAP> <minor LDAP Bind> <vendor HCL> <PPP_PAP>
<version=0x00> <flags R I> <length 63>
<IDENTITY ????????m>
<REALM BluepagesAuth.com>
<SECRET=**SECRET**> (2516.10548)
From this response you can tell that the authentication method being used during this login is an LDAP-Bind method.
IncomingEAP HEX dump of 4 bytes starting at address 03034148: (2516.10548)
0000: 03 00 00 04 <....>
CONNMGR Message to API clients: eMsg_PacketReceived, rc=eOK (2516.11960)
ALP PPP-EAP: Success id=0x00, Inbound (2516.10548)
DATAMGR Gratuitous ARP Received (EB0.F4C)
DATAMGR Adding route: Destination = 9.9.9.9 Mask = 255.255.255.255 (EB0.F4C)
DATAMGR Adding route: Destination = 10.3.3.0 Mask = 255.255.255.0 (EB0.F4C)
DATAMGR Now logged onto gateway x.x.x.x with local ip=x.x.x.x, subnet=x.x.x.x
(2516.10548)
DATAMGR DNS: Domain (sampledomain.com), Primary (x.x.x.x), Secondary (x.x.x.x),
WINS Primary (x.x.x.x), Secondary (x.x.x.x) (2516.10548)
DATAMGR Network MTU (1472), IP Stack MTU (1448) (2516.10548)
DATAMGR Network Name: Intel(R) Ethernet Connection I217-LM (2516.10548)
DATAMGR Network ID: x.x.x.x (2516.10548)
UdpPort: received data from <client real IP address> port <client MNC port> (1472)
on port <server MNC port>
0000: c0 21 . . .
WLP: queueing LCP packet from device <client real IP address>:<client MNC port>
for processing
First occurence of device <client real IP address>:<client MNC port> in the system -
creating an account for it
. . . Database calls follow.
. .DHCP_System::assign: (entry)
DHCP_System::assign: (return), rc=0
WLP_Session::setTransportProfile: (entry)
[<user Id> (client real IP address>:<client MNC port>)] PPP-FSM: rconfreq - received
CONFREQ with id1
[<user ID>(<client real IP address>:<client MNC port>)] PPP-LCP: lcp_reqci -
received MRU
PPP-LCP: lcp_reqci - received MRU-value 1472
PPP-LCP: lcp_reqci - ACK
...
PPP-LCP: lcp_reqci - ACK
PPP-LCP: lcp_reqci - returning CONFACK.
...
WLP: delivering WLP data (256) to account
<user ID>(client real IP address>:<client MNC port>)
ip-lan0::deliver: (entry)
ip-lan0: delivering packet (256)
0000: c0 21 . . .
PPP-LCP: fsm_sconfreq - sending Configure-Request, id 1
PPP-LCP: fsm_rconfack - received id 1
Trap: 'AG: connection established' (10.3.3.2/ip-lan)
The active session database is then updated and database calls follow.