The purpose of this article is to provide initial troubleshooting steps when a health check is failing. The data collected below should help identify the root cause of the issue.
In order to troubleshoot a failing health check, we should be able to force a health check manually while capturing traffic in a packet capture so that we can see what happened during the connection attempt. This can be done as follows:
For an Authentication realm health check: "port 53 or port 88 or port 389"
For an ICAP or Forwarding host health check: "host x.x.x.x" (x.x.x.x being the ICAP or Forwarding Server's IP)
For DRTR health checks: "host webpulse.es.bluecoat.com"
For DNS Server health check: 'port 53' (by default it tries to resolve IP address for www.bluecoat.com but this can be changed in health check configuration)
-Go to Administration > Service Information > Send Information > Send Service Information tab
-Enter the case number
-Check the checkboxes for Packet Capture, Sysinfo and Event Log and click on Send.