Troubleshooting tips and techniques
The following tricks and techniques can be used to test or troubleshoot a known issue or
Topics
- Spoofing addresses using /etc/hosts
- Can Access Gateway reach a host?
- Can a host be reached across a firewall?
Spoofing addresses using /etc/hosts
Using /etc/hosts entries bypasses DNS and can be used to test applications before names are available in DNS. Tools such as nslookup and dig will not return values found in a local /etc/hosts file.
- In a text editor, open either:
OS Value Windows C:\Windows\System32\drivers\etc\hosts.txt Linux and similar /etc/hosts - Enter a reference specific to an app such as:
192.168.x.y header.myhost.mydomain.com
- Test normally.
Can Access Gateway reach a host?
Ping can be used within the Access Gateway Management console to determine if a host is reachable.
For more details see ping in Troubleshooting tools.
- Open a connection to the Access Gateway Management console.
- Select 1-Network.
- Select 6-Ping.
- At the IP Address/Hostname prompt, enter an name or address.
- Examine the result to determine if Access Gateway can reach the host. For example:
IP Address/Hostname: google.com
PING google.com (172.217.10.238) 56(84) bytes of data.
64 bytes from lga25s59-in-f14.1e100.net (172.217.10.238): icmp_seq=1 ttl=114 time=22.7 ms
. . .
64 bytes from lga25s59-in-f14.1e100.net (172.217.10.238): icmp_seq=4 ttl=114 time=18.1 ms
--- google.com ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3006ms
rtt min/avg/max/mdev = 16.900/19.520/22.757/2.234 ms
Are hosts entered into DNS
Tools such as nslookup and dig can be used to determine if a host is resolvable and what address they resolve to
To use nslookup to determine the IP address of a host name:
- Open a command prompt. While nslookup is typically available on Linux and Apple OSX based computers, it may not be available on Windows.
- Run nslookup. For example:
nslookup google.com
- Evaluate the result.
nslookup google.com Server: UnKnown Address: 172.16.49.2 Name: google.com.localdomain Addresses: 172.217.6.206 172.217.6.206
Can a host be reached across a firewall?
Tools such as telnet can be used to determine if a host can be reached across a firewall. Using telnet to access a host across a firewall assumes that the machine executing the telnet command is on the opposite side of the firewall from the host that is attempting to be accessed.
To attempt to access a host using telnet.:
- Open a command prompt. While telnet is typically available on Linux and Apple OSX based computers, it may not be available on Windows.
- Run the telnet command:
telnet example.mysite.mydomain.com 443
- Evaluate the result
Trying 192.168.0.211... telnet: connect to address 192.168.0.211: Connection refused