Gathering data DURING a network-related outage for IPsec

Article ID: 171342

Products

Cloud Secure Web Gateway - Cloud SWG

Issue/Introduction

You are currently experiencing a network-related outage, and need to gather information to provide to Symantec.

Note: If you need to submit this information after the outage has ended, see Gathering data AFTER a network-related outage for IPsec.

Resolution

During a network-related outage, Symantec requests the following information, which provides helpful insight, diagnostics, and other essential data.

Requested information during an outage

  1. The affected location's Egress IP address(es).
  2. The specific data-pod and data-center the affected location was connected to (using http://pod.threatpulse.com)
  3. The time that the outage began.
  4. How did you determine this issue is occurring?
  5. Is HTTP traffic being affected differently than HTTPS?
  6. The state of the IPsec tunnel(s).

    • Gather output from the firewall/router with the following commands (Note: these commands are for Cisco devices; provide the equivalent output for other vendors):
      • show run
      • show crypto isakmp sa
      • show crypto ipsec sa

  7. The Phase 1 and Phase 2 timeout settings (for IPsec tunnels)
  8. How does the device determine failover (DPD, IP-SLA, etc.)?
  9. Gather firewall and router logs, starting one hour before the outage, to the current time
  10. Capture a HAR file (see TECH248780).
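
Item 9 asks for logs starting one hour before the outage and running to the current time. The script below is an added example, not part of the original article or any Symantec tooling, that trims an exported firewall log to that window and keeps untimestamped continuation lines with the entry they follow. It assumes each entry starts with an RFC 3339 timestamp; the function names and the sample log are constructed for illustration.

```python
from datetime import datetime, timedelta, timezone

# Constructed sample log. RFC 3339 timestamps at line start are an assumption;
# adjust parse_ts() to the format your firewall or router actually exports.
SAMPLE_LOG = """\
2024-05-01T08:10:00+00:00 fw1 routine config save
2024-05-01T09:05:12+00:00 fw1 IPsec phase 2 rekey completed, peer 203.0.113.10
2024-05-01T09:58:40+00:00 fw1 DPD: no response from peer 203.0.113.10
    retransmit 3 of 3
2024-05-01T10:00:03+00:00 fw1 IPsec tunnel to 203.0.113.10 is DOWN
line without a timestamp
2024-05-01T10:20:00+00:00 fw1 IKE phase 1 negotiation failed, peer 203.0.113.10
2024-05-01T11:30:00+00:00 fw1 event logged after the collection time
"""

def parse_ts(line):
    """Return the timezone-aware timestamp that starts the line, or None."""
    parts = line.split(maxsplit=1)
    if not parts:
        return None
    try:
        ts = datetime.fromisoformat(parts[0])
    except ValueError:
        return None
    # Assumption: timestamps exported without an offset are UTC.
    return ts if ts.tzinfo else ts.replace(tzinfo=timezone.utc)

def extract_window(lines, outage_start, now=None, lead=timedelta(hours=1)):
    """Keep entries from (outage_start - lead) through now, inclusive."""
    now = now or datetime.now(timezone.utc)
    begin = outage_start - lead
    kept, keep = [], False
    for line in lines:
        ts = parse_ts(line)
        if ts is not None:
            keep = begin <= ts <= now  # a timestamped line decides for itself
        if keep:                       # untimestamped lines follow the last decision
            kept.append(line)
    return kept

if __name__ == "__main__":
    start = datetime(2024, 5, 1, 10, 0, tzinfo=timezone.utc)
    collected_at = datetime(2024, 5, 1, 10, 30, tzinfo=timezone.utc)
    for entry in extract_window(SAMPLE_LOG.splitlines(), start, collected_at):
        print(entry)
```

Confirm that the device clock and the reported outage start time use the same time zone before trimming, otherwise the window will be shifted.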

Note: Not all outages and network-related issues are Symantec related. By analyzing the requested information, Symantec can help determine the reason for the outage. In some cases, additional information may be necessary.