I'm seeing intermittent authentication issues when users try to browse the internet and they are prompted with a windows authentication box. I'm look at the authentication logs and I'm seeing entries of problems connecting to the DCs. Examples of this are below
 NTLM: Exception "socket error (errno: 104 - 'Connection reset by peer') during write operation on message socket 113" when writing data to DC [DC Name]
NTLM: Exception "socket error (errno: 104 - 'Connection reset by peer') during read operation on message socket 304" when reading data from DC [DC Name]
Does anyone have any tips for diagnosing these types of problems?
"Reset by peer" implies the issue originates on the server side but unfortunately that's as much as we can tell from these messages. If you haven't already, take a look at the logs on the DC mentioned above for any related errors occurring around the time frame seen in the MWG logs. If examining the logs on the DC yields nothing, then a tcpdump done on the Webgateway filtered for port 445 is should definitely tell you more.
For details on this and other t-shooting tips regarding DC connectivity, refer to: