Troubleshooting connectivity issues in Web Application Firewall

Overview

Web Application Firewall is configured entirely through ETM Dashboard. Therefore, if WAF cannot connect to ETM Dashboard, you will not be able to configure it.

If your WAF is unable to connect to ETM Dashboard, you will receive an error message indicating that the device cannot reach ETM Dashboard (or the other way around).

 

What to check

If you've installed using the Docker container, WAF uses the host operating system's networking. In this case, issues connecting to ETM Dashboard are almost always issues with the host device, rather than the WAF itself. Troubleshooting will take place on the host device's operating system instead of inside the Docker container. If you do need to access the WAF console on a Docker installation, please refer to Deploying Web Application Firewall in Docker.

If you've installed using the standalone ISO, WAF will be the only operating system present, so you'll need to access its console via SSH. As an example using a Linux-based system, you would use:
ssh root@1.2.3.4, where 1.2.3.4 is the IP address of the WAF instance.

You can also connect via a physical console: a keyboard, mouse, and monitor attached to the hardware platform.

Verify the host's internet connection

Ensure that the host device is able to reach the internet. You can try pinging something like Google DNS at 8.8.8.8 or connecting to a website via web browser to verify it has working internet access.

You may also need to check the device's networking configuration to ensure it has a valid IP address, DNS server information, and so forth. On a Linux system, you can find IP address information using ifconfig.

You can determine your DNS server using cat /etc/resolv.conf.

 

Verify DNS resolution

Once you've confirmed a working internet connection, use a DNS utility to verify that the host is able to resolve cmd.untangle.com. (Ping is not recommended, as that service will not respond to ping requests.) 

Next, test that WAF is able to resolve the hostname of our central servers. Using dig, the command would be: dig cmd.untangle.com

 

Check for upstream filtering & restrictions

If there is something upstream of this host device that might restrict its outbound traffic, check that device's settings to ensure that your WAF host has unrestricted outbound access. This might be a router, managed switch, or firewall appliance. 
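
The checks above can be run in order from the host's shell. The script below is an added example, not part of the original article or the product: it assumes a Linux host with ping, dig and awk installed, and the function names and result labels are hypothetical.

```shell
#!/bin/sh
# Added example: runs the article's checks in order and names the stage to investigate.
ETM_HOST="cmd.untangle.com"   # hostname given in the article
PROBE_IP="8.8.8.8"            # Google DNS, as suggested in the article

# Print the nameserver addresses from a resolv.conf-style file (default /etc/resolv.conf).
nameservers() {
    awk '$1 == "nameserver" { print $2 }' "${1:-/etc/resolv.conf}"
}

# Step 1: raw IP reachability, independent of DNS.
check_internet() {
    ping -c 2 -W 3 "$PROBE_IP" >/dev/null 2>&1
}

# Step 2: DNS resolution. dig +short prints nothing when there is no answer.
# Ping is not used here because the service does not answer ping requests.
check_dns() {
    [ -n "$(dig +short +time=3 +tries=1 "$ETM_HOST" 2>/dev/null)" ]
}

# Map the step results (0 = pass) to the stage that needs attention.
# Arguments: internet_rc dns_rc nameserver_count
diagnose() {
    if [ "$1" -ne 0 ]; then
        echo "no-internet: check the host's IP address, gateway and cabling"
    elif [ "$3" -eq 0 ]; then
        echo "no-resolver: no nameserver entries are configured"
    elif [ "$2" -ne 0 ]; then
        echo "dns-failure: the configured resolver cannot resolve $ETM_HOST"
    else
        echo "host-ok: check upstream router, switch or firewall for outbound restrictions"
    fi
}

# Run every step against the live system and print one diagnosis line.
run_checks() {
    i=0; check_internet || i=$?
    d=0; check_dns || d=$?
    n=$(nameservers | wc -l | tr -d ' ')
    diagnose "$i" "$d" "$n"
}

# Only touch the network when explicitly asked to.
if [ "${1:-}" = "--run" ]; then run_checks; fi
```

Run it with --run on the Docker host, or on the WAF console for an ISO installation.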
