cancel
Showing results for 
Search instead for 
Did you mean: 
nate.hall
Level 9

MWG 7 losing connection to domain

Jump to solution

We installed a MWG 7 a few weeks ago. It's been working fine without issue for about 3 weeks. All of a sudden today while I was logged into the web interface I was getting a "heartbeat failed" pop up and then I got an email because websites were getting blocked. The block page said it could not authenticate them. I looked at the alerts and it  states it can not connect to the domain.

I was logged into the CLI and I verified that the date and time are fine. I can ping both of the domain controllers and everything seems to be fine. After about 30 minutes its reconnected but I need to find out what the issue is.

Where would you suggest I look, and are there any particular log files I can look at for this? I've real briefly looked through the logs, but there are so many it's tough to determine where to start.

Thanks

0 Kudos
1 Solution

Accepted Solutions
McAfee Employee

Re: MWG 7 losing connection to domain

Jump to solution

Hi Nate,

The "heartbeat failed" message could mean a couple of different things. Perhaps you have the proxy settings set and the domain memebership issue caused your GUI access to fail.

Pinging isnt representative of what is necessary for a domain membership connection to function properly. MWG must be able to resolve the DC forward and backwards (so you must check DNS too), etc...

There is the authentication debug log which should be turned on for "Managment event" (AND ONLY MANAGMENT EVENTS):

2013-05-06_130410.png

If this is on, then you can find the logs under Troubleshooting > Log Files > Debug > mwg-core_Auth.debug.log.

This will show why a domain controller connection went down.

Best,

Jon

0 Kudos
4 Replies
alexn
Level 14

Re: MWG 7 losing connection to domain

Jump to solution

Log files can be taken as per this kb, Win SCP mis attached, we can only find the reason after having look into logs.

https://kb.mcafee.com/corporate/index?page=content&id=KB75552&actp=search&viewlocale=en_US&searchid=...

0 Kudos
genemoore
Level 9

Re: MWG 7 losing connection to domain

Jump to solution

are the DCs that the MWG is connected to located on the same network?  Hopefully in the same datacenter?  Are you having large amounts of latency between MWG and the DCs?  The most common reason is that the DC simply can not keep up with the requests or the latency between the MWG and the DCs is large.  MWG is located in the US and MWG was setup for use DNS for DC lookup, and the DC that was returned was in Asia.  Obviously this is not a wise setup if that is the case. 

Make sure MWG is setup with hardcoded DCs and not using DNS.

0 Kudos
McAfee Employee

Re: MWG 7 losing connection to domain

Jump to solution

Hi Nate,

The "heartbeat failed" message could mean a couple of different things. Perhaps you have the proxy settings set and the domain memebership issue caused your GUI access to fail.

Pinging isnt representative of what is necessary for a domain membership connection to function properly. MWG must be able to resolve the DC forward and backwards (so you must check DNS too), etc...

There is the authentication debug log which should be turned on for "Managment event" (AND ONLY MANAGMENT EVENTS):

2013-05-06_130410.png

If this is on, then you can find the logs under Troubleshooting > Log Files > Debug > mwg-core_Auth.debug.log.

This will show why a domain controller connection went down.

Best,

Jon

0 Kudos
nate.hall
Level 9

Re: MWG 7 losing connection to domain

Jump to solution

Thanks Jon, just what I was looking for. I wasn't sure what log file would have the information I need. This debug log was it, thanks again!

0 Kudos