Table of Contents
Troubleshooting AUSWhy isn't the device showing up in the Device Summary?
Why hasn't the device contacted the AUS?
AUS gives authentication errors—what should I do?
Why isn't the device current after I request an auto update?
Why does the AUS give errors when I try to add a PDM or PIX Firewall image file?
Why can't I add a file that is not a PIX Firewall image or PDM file through the AUS GUI?
I assigned an image file to a device—why isn't it current?
Why can't I assign two image files of the same type to a device?
Why does the device reboot after I assign a new image file to it?
Why does the device keep downloading the same file?
Why aren't reports from more than 7 days ago displayed?
Why can't I access the AUS from my browser after several hours?
Why are buttons are grayed-out on certain screens?
Why can't I start AUS after I reboot my machine?
Understanding error messages
Troubleshooting AUS
These topics will help you troubleshoot AUS:
- Why isn't the device showing up in the Device Summary?
- Why hasn't the device contacted the AUS?
- AUS gives authentication errorswhat should I do?
- Why isn't the device current after I request an auto update?
- Why does the AUS give errors when I try to add a PDM or PIX Firewall image file?
- Why can't I add a file that is not a PIX Firewall image or PDM file through the AUS GUI?
- I assigned an image file to a devicewhy isn't it current?
- Why can't I assign two image files of the same type to a device?
- Why does the device reboot after I assign a new image file to it?
- Why does the device keep downloading the same file?
- Why aren't reports from more than 7 days ago displayed?
- Why can't I access the AUS from my browser after several hours?
- Why are buttons are grayed-out on certain screens?
- Why can't I start AUS after I reboot my machine?
- Understanding error messages.
You can check the following logs for information about errors:
- NMSROOT\MDC\log\autoupdate date—AUS log that contains all messages from the AUS application.
- NMSROOT\MDC\tomcat\logs\stdout.log—tomcat output log that contains messages from any application running under tomcatServeletEngine.
- NMSROOT\MDC\tomcat\logs\stderr.log—tomcat standard error log that contains a java stack trace when the java code breaks.
Why isn't the device showing up in the Device Summary?
If the device is not shown in the Device Summary, it was not added correctly to the PIX MC.
Step 1 Use PIX MC to add the device to AUS. See the PIX MC online help for more information. See the "Setting Up Devices and Groups" section of Using Management Center for PIX Firewalls 1.0 for more information.
Step 2 Verify that the device was added to AUS by selecting Device > Device Summary.
Why hasn't the device contacted the AUS?
If the device has never contacted AUS, it could be because:
For the device to contact AUS, do one or more of the following:
 |
Note The default polling period is 12 hours. You can use PIX MC to change the polling period. See the "Configuring Auto Update Server" section of Using Management Center for PIX Firewalls 1.0 for more information, or see the PIX MC online help. |
- Verify that the device is configured to operate in its deployed environment. If it is deployed for DHCP, ensure that a DHCP server is present to give the device a network address. If the device is deployed with a static IP address, verify that the IP address is correct.
- Check the Event Report to see if there are any authentication errors for the device by selecting Report>Event Report. If there are authentication errors, the Event Type column displays CONNECT_FAILURE and the description column gives a message that the device has an authentication error.
- Check the AutoUpdate URL to verify that it matches the URL in the System Info Report (Report>System Info Report) by performing the following steps:
1. Connect to the device console.
3. Enter the enable password that you previously set.
You will see all AUS settings, including the AUS URL.
If the URL does not match the URL shown in the System Info report, set the new AUS URL by entering the following:
AUS gives authentication errors—what should I do?
Authentication errors can occur when the device tries to contact AUS. Authentication errors are visible in the Event Report (see the "Viewing the Event Report" section) or from the device console (if debug is enabled on the console).
To enable debug on the console:
Step 1 Enter enable mode by entering:
Step 2 Enter your enable password.
Step 3 Enter the following:
The device displays all error messages; you can use the information to debug the device.
Authentication errors can result from using incorrect credentials:
- When you added the device to AUS, you entered a set of credentials that allowed the device to contact the server. The username/password credentials are incorrect.
- A user changed, through the command line, the set of credentials that the device was using to connect to AUS. Now, the set of credentials no longer matches the server credentials.
To resolve the problem, do one or more of the following:
Why isn't the device current after I request an auto update?
If you requested that a device immediately contact AUS (see the "Requesting an Auto Update" section), but the device is not current, the cause could be one of the following:
To resolve the problem, do one or more of the following:
Why does the AUS give errors when I try to add a PDM or PIX Firewall image file?
If you are trying to add a PDM or PIX Firewall image file to AUS and are receiving errors, the problem might be a result of one of the following:
You can resolve the problem by doing one or more of the following:
- Make sure that you select the correct image type when adding the file.
- Verify that the image file is not corrupted. Check the MD5 checksum of the image file. To view the checksum value, select Images > Software Images. Click the name of the image file in the Image Name column. A popup window appears, providing you with information about the image file, including the checksum value. See the "Viewing Software Images" section for more information.
Compare this checksum value with the value you received when the image was downloaded. If they are different, the image file is corrupted.
Why can't I add a file that is not a PIX Firewall image or PDM file through the AUS GUI?
The AUS GUI supports only PDM files and PIX Firewall images; therefore, you cannot use it to add any other types of files.
If you are trying to add configuration files, use PIX MC. See the PIX MC documentation for more information.
I assigned an image file to a device—why isn't it current?
If you assigned an image file to a device but the device does not contain this information, the problem could be because:
To resolve the problem, do one or both of the following:
- Check the AUS timestamp to verify the last time the device contacted AUS. If the polling period has not ended, then the device has not contacted AUS to report the latest information. If you do not want to wait for the polling period to end, you can request that the device contact AUS immediately (see the "Requesting an Auto Update" section).
- Check the Event Report (select Report > Event Report) to look for errors. If a bad configuration file is assigned to the device, you will see empty lines in the report. This empty report means that the configuration file cannot be parsed. Add a new configuration file to AUS using PIX MC (see the PIX MC documentation) and assign it to the device.
Why can't I assign two image files of the same type to a device?
A device can run only one PIX Firewall image or PDM file at a time, so you can assign only one file of each type to a device.
Why does the device reboot after I assign a new image file to it?
After you assign a new image file to a device, a reboot is required. The reboot is automatic.
Why does the device keep downloading the same file?
If a device continuously downloads a file, the device is having problems running the image.
Check the Event Report (select Report > Event Report) for errors. If there are errors, assign a new image file.
Why aren't reports from more than 7 days ago displayed?
AUS reports show data only from the past 7 days; they do not show data from any time earlier.
Why can't I access the AUS from my browser after several hours?
Your AUS session automatically times out after several hours of idle time. To access AUS, log in to AUS again.
Why are buttons are grayed-out on certain screens?
If buttons are grayed out on certain AUS screens, you might not have the correct privileges to perform certain commands. See "User Roles and Permissions for AUS."
Why can't I start AUS after I reboot my machine?
It takes AUS a few minutes to restart after you reboot your machine. Do one of the following:
Understanding error messages
Table A-1 contains a list of common error messages, their probable cause, and possible solutions.
| Message | Probable Cause | Possible Solution |
|---|---|---|
|
Try to add the file to AUS again. If that does not work, restart AUS. |
||
|
The name of the file is either too long or too short, or the file is named "." or "..". |
||
|
You added a file that is either corrupted or is not the correct file type. |
||
|
You cannot add the file to AUS; either the file is corrupted or you are trying to add a file type that is different from the file type specified in the GUI. |
Download a new version of the image file and add the file to AUS. |
|
|
The device did not contact AUS; AUS does not know the IP address of the device. |
Wait until the device contacts the AUS and request an auto update (see the "Requesting an Auto Update" section for details). |
|
|
AUS cannot authenticate your username/password credentials. Either your credentials are incorrect, or your session timed out. |
||
|
Try to delete the file again. If you cannot delete the file, restart AUS. |
||
|
An error occurred during auto update. Enable or AAA credentials are incorrect, or the device does not allow HTTP access. |
Ensure that the device allows HTTP access for AUS; ensure that the AUS AAA and enable credentials are correct. |
|
|
The temporary file used during the file add process cannot be deleted. The filename you specified contains invalid or illegal characters, or the file already exists in the storage area. |
Check the storage directory to verify that the file is not already there. Try the task again; if the problem persists, restart AUS and try to add the configuration file again. |
|
|
AUS cannot perform an auto update. AUS does not know what credentials to use to communicate with the device because no enable password or AAA credentials were entered for the device. |
Modify the device entry with the correct credentials and try the task again. |
|
|
An error occurred while the database password was being changed. The AUS db.prop file does not contain the correct username and password for the database, or you entered the password incorrectly. |
Verify that the AUS db.prop file contains the correct username and password for the database and enter your username and password again. |
|
| AUS is unable to connect to the database. |
||
|
Remove unneeded information from your hard drive or add a new hard drive. |
||
|
Try to add the device again. If you still cannot add the device to AUS, restart AUS. |
||
|
Try to add the file again. If you still cannot add the image file to AUS, restart AUS. |
||
|
Use the existing entry, or delete the existing entry and retry the task. |
||
|
AUS cannot find the requested device. A device that has not been added to AUS tried to contact AUs. |
Verify that you entered the correct device ID and try the task again. |
|
|
The checksum of the file has changed since the file was added to the database. Either another user changed the file, or your system is compromised. |
Make sure your machine is secure. Then, delete the image file and add a new copy of the file to AUS. |