Troubleshooting tips and techniques
The following tricks and techniques can be used to test or troubleshoot issues.
- Spoof addresses with hosts entries
- Can Access Gateway reach a host?
- Can a host be reached across a firewall?
You can use entries in a local hosts file to bypass DNS, which enables you to test applications before names are available in DNS. Tools such as nslookup and dig don't return values found in a local hosts file.
- Open the hosts file for your platform in a text editor:
OS Value Windows C:\Windows\System32\drivers\etc\hosts.txt Linux and similar /etc/hosts
- Enter a reference specific to an app such as:
- Test normally.
Ping can be used within the Access Gateway Management console to determine if a host is reachable.
- Open a connection to the Access Gateway Management console.
- Select 1-Network.
- Select 6-Ping.
- At the IP Address/Hostname prompt, enter a name or address.
- Examine the result to determine if Access Gateway can reach the host. For example: IP Address/Hostname: google.com PING google.com (188.8.131.52) 56(84) bytes of data. 64 bytes from lga25s59-in-f14.1e100.net (184.108.40.206): icmp_seq=1 ttl=114 time=22.7 ms . . . 64 bytes from lga25s59-in-f14.1e100.net (220.127.116.11): icmp_seq=4 ttl=114 time=18.1 ms --- google.com ping statistics --- 4 packets transmitted, 4 received, 0% packet loss, time 3006ms rtt min/avg/max/mdev = 16.900/19.520/22.757/2.234 ms
Are hosts entered into DNS
Tools such as nslookup and dig can be used to determine if a host is resolvable.
To use nslookup to determine the IP address of a host name:
- Open a command prompt. While nslookup is typically available on Linux and Apple OSX-based computers, it may not be available on Windows.
- Run nslookup. For example:
- Evaluate the result.
nslookup google.com Server: Unknown Address: 172.16.49.2 Name: google.com.localdomain Addresses: 18.104.22.168 22.214.171.124
Tools such as telnet can be used to determine if a host can be reached across a firewall. It's assumed that the machine running the telnet command is on the opposite side of the host being accessed.
While telnet is typically available on Linux and macOS, it may not be available on Windows.
To attempt to access a host using telnet:
- Open a command prompt.
- Run the telnet command:
telnet example.mysite.mydomain.com 443
- Evaluate the result:
Trying 192.168.0.211... telnet: connect to address 192.168.0.211: Connection refused