Knowledgebase Category: Troubleshooting
- /
- /
Troubleshooting
- Troubleshooting Asymmetric Routing
- Cannot route to clients on an SSL/TLS site-to-site tunnel
- Common Scenario
- Client Specific Override iroute entry seems to have no effect
- Why do OpenVPN clients all get the same IP address?
- Automatic Fix
- Importing OpenVPN DH Parameters
- Manual Fix
- Troubleshooting OpenVPN Remote Access Client IP Address Assignments
- Troubleshooting Windows OpenVPN Client Connectivity
- Alternate Causes
- Troubleshooting Windows/SMB Share Access from OpenVPN Clients
- Troubleshooting Authentication
- DN and Related Settings
- Troubleshooting OpenVPN Internal Routing (iroute)
- Troubleshooting OpenVPN Push Routes
- Bind Credentials
- Active Directory Group Membership
- Troubleshooting Lost Traffic or Disappearing Packets
- Troubleshooting a Broken pkg Database
- Extended Query
- Troubleshooting Routes
- Connection-Related Issues (non-SSL)
- Connection-Related Issues (SSL)
- Viewing Routes
- Troubleshooting via Server Logs
- Troubleshooting via Packet Captures
- Using traceroute
- Routes and VPNs
- Troubleshooting Network Connectivity
- WAN Interface
- MD5 Signature Mismatch
- LAN Interface
- Upstream Issues
- Space Issues
- Firewall/Rules
- Outbound NAT
- Disk Usage Issues
- Sites not loading with splice / Error 409 in access log
- Diagnostic Tests
- Client Tests
- Clear Cache
- Miscellaneous Additional Areas
- Complete Reset
- Troubleshooting Upgrades
- Troubleshooting DHCPv6 Client XID Mismatches
- Non-Fatal Errors
- Fatal Errors
- Other Errors
- Troubleshooting DNS Resolution Issues
- Troubleshooting Time Zone Configuration
- DNS Forwarder
- Troubleshooting Traceroute Output
- Cosmetic Problems Post-Upgrade
- Client DNS Cache
- Upgrade Log
- Troubleshooting the DNS Forwarder
- Upgrade not Offered / Library Errors
- Troubleshooting DNS Resolution Issues
- Repository Metadata Version Errors
- Rewrite Repository Information
- CLI Troubleshooting
- Troubleshooting the DNS Forwarder
- pkg.AZTCO-FW.org Has no A/AAAA Record
- Troubleshooting Gateway Monitoring
- IPv6 Connectivity Problems
- sendto error: 55
- Segmentation Fault in pkg
- sendto error: 64
- Forced pkg Reinstall
- sendto error: 65
- Last Resort
- Troubleshooting High Availability DHCP Failover
- Troubleshooting Wireless Connections
- Troubleshooting the HAProxy Package
- Troubleshooting Website Access
- HAProxy Troubleshooting
- Check Wireless Status
- Check the Antenna
- Try with multiple clients or wireless cards
- Troubleshooting VPN Connectivity to a High Availability Sec- ondary Node
- Signal Strength is Low
- Troubleshooting High Availability
- Stuck Beacon Errors
- Common Misconfigurations
- Interface Unavailable for Assignment
- Incorrect Hash Error
- Both Systems Appear as MASTER
- Primary system is stuck as BACKUP
- Other Switch and Layer 2 Issues
- Configuration Synchronization Problems
- HA and Multi-WAN Troubleshooting
- Hypervisor users (Especially VMware ESX/ESXi)
- KVM+QEMU Issues
- VirtualBox Issues
- Troubleshooting Captive Portal
- Troubleshooting High CPU Load
- View CPU Processes
- Authentication failures
- Troubleshooting Firewall Rules
- Check The Firewall Logs
- Captive Portal Does not Redirect
- Check the State Table
- View Interrupt Counters
- Apple devices are unable to load the portal page or login
- Review Rule Parameters
- Port Forwards Behind Portal Only Work When Target Logs In
- View mbuf Usage
- View I/O Operations
- Captive Portal Rules
- NAT Confusion
- Port Forward pass action
- Troubleshooting Installation Issues
- Troubleshooting GUI Connectivity
- Source and Destination Ports
- Review Rule Ordering
- Boot from Install Media Fails
- Rules and Interfaces
- Troubleshooting Offline DHCP Leases
- Boot from hard drive after installation fails
- Interface link up not detected
- Hardware Troubleshooting
- Enable Rule Logging
- Troubleshooting with packet captures
- New Rules Are Not Applied
- Unfilterable Traffic
- Troubleshooting IPsec VPNs
- UPnP / NAT-PMP passed traffic
- Asymmetric Routing
- IPsec Logging
- Tunnel does not establish
- Tunnel establishes but no traffic passes
- Ruleset Failing to Load
- Some hosts work, but not all
- Other Causes
- Connection Hangs
- “Random” Tunnel Disconnects/DPD Failures on Low-End Routers
- Troubleshooting FTP Connections
- Tunnels Establish and Work but Fail to Renegotiate
- Disabling the FTP Proxy
- Tunnel Establishes When Initiating, but not When Responding
- IPsec Log Interpretation
- FTP Ports
- Troubleshooting L2TP
- Rules to allow FTP
- Troubleshooting/Alternatives
- Connected to L2TP but cannot pass traffic
- Connection Fails with a Windows Client
- L2TP Traffic Blocked Outbound
- Troubleshooting ARP Move Log Messages
- Cannot connect
- Clustering and Load Balancing
- Troubleshooting “login on console as root” Log Messages
- Troubleshooting Blocked Log Entries for Legitimate Connec- tion Packets
- Insufficient Hardware
- Hardware/Driver Tuning Required
- Asymmetric Routing
- Duplex Mismatch
- Troubleshooting “promiscuous mode enabled” Log Messages
- Traffic Shaping
- MTU Issues
- WAN Connection
- Client/Testing Method
- ISP Issues
- Troubleshooting Traffic Shaping
- Troubleshooting Multi-WAN
- Bittorrent traffic not using the P2P queue
- UPnP traffic shaping
- Verify Firewall Rule Configuration
- ACK queue bandwidth calculations
-
Why is
not properly shaped? - Policy routing does not work for web traffic or all traffic
- WAN connection speed changes
- Failover not working
- Load balancing not working
- A gateway is incorrectly marked offline
- Troubleshooting Traffic Shaping Graphs
- Ping works by IP address, but web browsing fails
- Squid doesn’t seem to be using both connections
- Troubleshooting NAT
- Port Forward Troubleshooting
- NAT Reflection Troubleshooting
- Outbound NAT Troubleshooting
- Troubleshooting 1:1 NAT
- Troubleshooting NAT Port Forwards
- Common Problems
- Troubleshooting NAT Reflection
- Troubleshooting OpenVPN
- Check OpenVPN Status
- Check Firewall Log
- Some hosts work, but not all
- Check the OpenVPN logs
- Ensure no overlapping IPsec connections
- Check the system routing table
- Test from different vantage points
- Trace the traffic with packet captures
- Routes will not push to a client
- Why can’t I ping some OpenVPN adapter addresses?