cancel
Showing results for 
Search instead for 
Did you mean: 
addias
Level 7

Intermittent problem with the communication between the Web Gateway and the DC

Intermittent problem with the communication between the Web Gateway and the DC.

Is giving communication errors with the DC, as the image below:

Capture.PNG

the archive logs "mwg-core__Auth.debug.log" show me this:

[2015-03-09 01:23:51.006 -03:00] [12578] NTLM: Exception "timeout during read operation on message socket 61" when reading data from DC 10.41.1.46 tmpBuf: 0 fBuf: 0 port: 13425

[2015-03-09 01:23:53.262 -03:00] [12578] NTLM: Thread 0x7fbd3db36a50 Domain anp id 15 failed to reconnect to DC 10.41.1.46

[2015-03-09 01:23:53.262 -03:00] [3958] NTLM: Disconnected from DC 10.41.1.46 in domain anp

[2015-03-09 01:23:58.323 -03:00] [3958] NTLM: Connected to DC 10.41.1.46 in domain anp

[2015-03-09 03:36:50.610 -03:00] [3958] NTLM: Updated list of trusted domains for domain anp

[2015-03-09 07:36:50.433 -03:00] [3958] NTLM: Updated list of trusted domains for domain anp

[2015-03-09 10:26:05.540 -03:00] [12578] NTLM: Exception "timeout during read operation on message socket 63" when reading data from DC 10.41.1.46 tmpBuf: 0 fBuf: 0 port: 13826

[2015-03-09 10:26:06.726 -03:00] [12578] NTLM: Exception "timeout during read operation on message socket 63" when reading data from DC 10.41.1.46 tmpBuf: 0 fBuf: 0 port: 25137

[2015-03-09 10:26:06.771 -03:00] [12578] NTLM: Thread 0x7fbd3db36a50 Domain anp id 15 reconnected to DC 10.41.1.46

[2015-03-09 11:31:48.194 -03:00] [3958] NTLM: updated machine account password for domain anp

[2015-03-09 11:31:48.264 -03:00] [12578] NTLM: Thread 0x7fbd3db36a50 Domain anp id 15 - shutdown (2)

[2015-03-09 11:31:48.593 -03:00] [3958] NTLM: Connected to DC 10.41.1.46 in domain anp

[2015-03-09 11:31:48.612 -03:00] [3958] NTLM: Updated list of trusted domains for domain anp

[2015-03-09 15:31:48.493 -03:00] [3958] NTLM: Updated list of trusted domains for domain anp

[2015-03-09 15:50:25.324 -03:00] [11342] NTLM: Exception "timeout during read operation on message socket 131" when reading data from DC 10.41.1.46 tmpBuf: 0 fBuf: 0 port: 31056

[2015-03-09 15:50:27.414 -03:00] [3958] NTLM: Disconnected from DC 10.41.1.46 in domain anp

[2015-03-09 15:50:27.489 -03:00] [11342] NTLM: Thread 0x7fbd3db3ba30 Domain anp id 16 failed to reconnect to DC 10.41.1.46

[2015-03-09 15:50:32.483 -03:00] [3958] NTLM: Connected to DC 10.41.1.46 in domain anp

[2015-03-09 19:31:48.314 -03:00] [3958] NTLM: Updated list of trusted domains for domain anp

[2015-03-09 23:31:48.110 -03:00] [3958] NTLM: Updated list of trusted domains for domain anp

[2015-03-10 01:40:40.703 -03:00] [11342] NTLM: Exception "timeout during read operation on message socket 123" when reading data from DC 10.41.1.46 tmpBuf: 0 fBuf: 0 port: 58275

[2015-03-10 01:40:42.740 -03:00] [3958] NTLM: Disconnected from DC 10.41.1.46 in domain anp

[2015-03-10 01:40:42.759 -03:00] [11342] NTLM: Thread 0x7fbd3db3ba30 Domain anp id 16 failed to reconnect to DC 10.41.1.46

[2015-03-10 01:40:47.825 -03:00] [3958] NTLM: Connected to DC 10.41.1.46 in domain anp

[2015-03-10 03:31:47.888 -03:00] [3958] NTLM: Updated list of trusted domains for domain anp

[2015-03-10 07:31:47.725 -03:00] [3958] NTLM: Updated list of trusted domains for domain anp

[2015-03-10 10:28:38.578 -03:00] [11342] NTLM: Exception "timeout during read operation on message socket 71" when reading data from DC 10.41.1.46 tmpBuf: 0 fBuf: 0 port: 38955

[2015-03-10 10:28:40.695 -03:00] [3958] NTLM: Disconnected from DC 10.41.1.46 in domain anp

[2015-03-10 10:28:40.700 -03:00] [11342] NTLM: Thread 0x7fbd3db3ba30 Domain anp id 16 failed to reconnect to DC 10.41.1.46

[2015-03-10 10:28:45.791 -03:00] [3958] NTLM: Connected to DC 10.41.1.46 in domain anp

[2015-03-10 11:31:47.579 -03:00] [3958] NTLM: Updated list of trusted domains for domain anp

[2015-03-10 14:58:07.708 -03:00] [3958] NTLM: Updated account definition for domain anp

[2015-03-10 14:58:07.838 -03:00] [11342] NTLM: Thread 0x7fbd3db3ba30 Domain anp id 16 - shutdown (2)

[2015-03-10 14:58:08.005 -03:00] [3958] NTLM: Connected to DC 10.41.1.125 in domain anp

[2015-03-10 14:58:08.045 -03:00] [3958] NTLM: Updated list of trusted domains for domain anp

Anyone have any idea what could be the problem?

I remember you that this problem is happening constantly and as I have 3 DC, has happened to give the error in the 3 DC and generate unavailability, as users could not authenticate to the Domain.

Help Me!!! haha

0 Kudos
4 Replies
amart
Level 9

Re: Intermittent problem with the communication between the Web Gateway and the DC

Most likely your DC 10.41.1.46 does not reply in time. You can start tcpdump on the appliance and capture traffic on tcp port 445 until you see this error message again. Open captured file in wireshark and search for reported port in the trace. Check how long it takes your DC to reply a request. You may need to adjust connection timeout on the domain membership page based on your findings.


Please open a support case if your DC replies immediately but MWG still reports connection timeout.

0 Kudos
mbagheryan
Level 12

Re: Intermittent problem with the communication between the Web Gateway and the DC

can you attach the feedback here?

0 Kudos
bwallace1
Level 9

Re: Intermittent problem with the communication between the Web Gateway and the DC

MBM -- NO, never a good idea to post feedbacks to forum threads. Please read:

https://community.mcafee.com/community/business/email_web/webgateway/blog/2013/08/01/rule-of-engagem...

0 Kudos
mbagheryan
Level 12

Re: Intermittent problem with the communication between the Web Gateway and the DC

Sorry. I didn't know that.

Anyway I just want to help and it needs to have more details.


In this case I can offer you to go as picture shown and create feedback file.

feedback.jpg

By a little digging on the log you will find the main problem.

Enjoy.

M.B.M

0 Kudos