cancel
Showing results for 
Search instead for 
Did you mean: 
georgi_ar
Level 9

Unable to Join Web gateway 7.5.0.3.0 to domain

Hi,

I am unable to to join my Web Gateway to my domain. (Domain is on Server 2012 R2 Functional level is on Windows 2012)

Version of Web Gateway is 7.5.0.3.0

This is a new fresh installation.

I am receiving the below error:

join.PNG

Below are the errors that I can view in the mwg-core__Auth.debug.log

[2015-01-21 14:54:20.866 +00:00] [8788] NTLM: Exception "socket error (errno: 104 - 'Connection reset by peer') during read operation on message socket 63" when reading data from DC 192.168.10.10 tmpBuf: 0 fBuf: 0 port: 43296

[2015-01-21 15:17:25.595 +00:00] [8788] NTLM: Exception "socket error (errno: 104 - 'Connection reset by peer') during read operation on message socket 63" when reading data from DC 192.168.10.10 tmpBuf: 0 fBuf: 0 port: 43511

[2015-01-21 15:17:31.538 +00:00] [8788] NTLM: Exception "socket error (errno: 104 - 'Connection reset by peer') during read operation on message socket 63" when reading data from DC 192.168.10.10 tmpBuf: 0 fBuf: 0 port: 43514

[2015-01-21 16:47:13.853 +00:00] [8788] NTLM: Exception "socket error (errno: 104 - 'Connection reset by peer') during read operation on message socket 65" when reading data from DC 192.168.10.10 tmpBuf: 0 fBuf: 0 port: 44128

[2015-01-21 16:48:26.629 +00:00] [8788] NTLM: Exception "socket error (errno: 104 - 'Connection reset by peer') during read operation on message socket 65" when reading data from DC 192.168.10.10 tmpBuf: 0 fBuf: 0 port: 44141

[2015-01-21 16:48:58.150 +00:00] [8788] NTLM: Exception "socket error (errno: 104 - 'Connection reset by peer') during read operation on message socket 65" when reading data from DC 192.168.10.10 tmpBuf: 0 fBuf: 0 port: 44148

Below is the TCP stream from Wireshark output from the DC. (Windows firewall is off on the DC)

wire.PNG

Any suggestions are appreciated.

0 Kudos
9 Replies
McAfee Employee

Re: Unable to Join Web gateway 7.5.0.3.0 to domain

Hi,

The MWG screenshot shows "Wrong credentials", so I recommend to double check the Administrator name and password.

From the Tcpdump, you can see the DC is closing the connection with a reset. Please see the DC logs for the reason.

- Volker

bjoernt
Level 9

Re: Unable to Join Web gateway 7.5.0.3.0 to domain

Does the Computer Account for the MWG already exist in your AD? If that is so then you must enable the setting "Overwriting existing account" to join the domain. Here is another Thread to join in Domain:

BR

Bjoern

0 Kudos
georgi_ar
Level 9

Re: Unable to Join Web gateway 7.5.0.3.0 to domain

Credentials are correct.

I've also tried with other Domain Administrator. Result is the same.

MWG computer account does not exist in AD.Also tried with the "Overwriting existing account" selected, but same result.

As Volker said, I also presume that something on the DC side is accepting the connection or something..

Volker, could please let me know to which logs you are referring on the DC.

Thank you.

0 Kudos
McAfee Employee

Re: Unable to Join Web gateway 7.5.0.3.0 to domain

Hi,

Sorry but I have no experience with DC logs. I only see from the tcpdump that the DC is closing the connection after getting the MWG request. You also see this from the auth debug log. "Connection reset by peer" means the server closed the connection. The DC should show somewhere why it is not accepting the connection.

- Volker

0 Kudos
georgi_ar
Level 9

Re: Unable to Join Web gateway 7.5.0.3.0 to domain

Hi,

Just wanted to give you a feedback and the final resolution/workaround.

Unfortunately I could not find the cause of the issue.

However it was residing at the DC.

I have a second DC (which was not primary) to which I managed to join the WebGateway.

To my knowledge they are all the same at configuration level (GPO, user accounts, firewall and so on). Maybe there was something else that I could not mange to find.

mbagheryan
Level 12

Re: Unable to Join Web gateway 7.5.0.3.0 to domain

It is normal to have error here because you wrote the IP instead of full Domain Controller Name.

Do as it is shown in example below:

Domain.PNG

Check it.

Enjoy.

M. B. M

georgi_ar
Level 9

Re: Unable to Join Web gateway 7.5.0.3.0 to domain

Hi M Bagheryan M,

Thank you for your reply.

This is not the cause of the issue in my case as it was tested also with the FQDN.

The cause was residing in the DC itself, but could not manage to find what it was.

0 Kudos
bjoernt
Level 9

Re: Unable to Join Web gateway 7.5.0.3.0 to domain

Are error in the Logs of the Domaincontroller?

0 Kudos
addias
Level 7

Re: Unable to Join Web gateway 7.5.0.3.0 to domain

I'm having the same problem mentioned above.

The following message appears in the log:

[2015-03-09 01:23:51.006 -03:00] [12578] NTLM: Exception "timeout during read operation on message socket 61" when reading data from DC 10.41.1.46 tmpBuf: 0 fBuf: 0 port: 13425

[2015-03-09 01:23:53.262 -03:00] [12578] NTLM: Thread 0x7fbd3db36a50 Domain anp id 15 failed to reconnect to DC 10.41.1.46

[2015-03-09 01:23:53.262 -03:00] [3958] NTLM: Disconnected from DC 10.41.1.46 in domain anp

[2015-03-09 01:23:58.323 -03:00] [3958] NTLM: Connected to DC 10.41.1.46 in domain anp

[2015-03-09 03:36:50.610 -03:00] [3958] NTLM: Updated list of trusted domains for domain anp

[2015-03-09 07:36:50.433 -03:00] [3958] NTLM: Updated list of trusted domains for domain anp

[2015-03-09 10:26:05.540 -03:00] [12578] NTLM: Exception "timeout during read operation on message socket 63" when reading data from DC 10.41.1.46 tmpBuf: 0 fBuf: 0 port: 13826

[2015-03-09 10:26:06.726 -03:00] [12578] NTLM: Exception "timeout during read operation on message socket 63" when reading data from DC 10.41.1.46 tmpBuf: 0 fBuf: 0 port: 25137

[2015-03-09 10:26:06.771 -03:00] [12578] NTLM: Thread 0x7fbd3db36a50 Domain anp id 15 reconnected to DC 10.41.1.46

[2015-03-09 11:31:48.194 -03:00] [3958] NTLM: updated machine account password for domain anp

[2015-03-09 11:31:48.264 -03:00] [12578] NTLM: Thread 0x7fbd3db36a50 Domain anp id 15 - shutdown (2)

[2015-03-09 11:31:48.593 -03:00] [3958] NTLM: Connected to DC 10.41.1.46 in domain anp

[2015-03-09 11:31:48.612 -03:00] [3958] NTLM: Updated list of trusted domains for domain anp

[2015-03-09 15:31:48.493 -03:00] [3958] NTLM: Updated list of trusted domains for domain anp

[2015-03-09 15:50:25.324 -03:00] [11342] NTLM: Exception "timeout during read operation on message socket 131" when reading data from DC 10.41.1.46 tmpBuf: 0 fBuf: 0 port: 31056

[2015-03-09 15:50:27.414 -03:00] [3958] NTLM: Disconnected from DC 10.41.1.46 in domain anp

[2015-03-09 15:50:27.489 -03:00] [11342] NTLM: Thread 0x7fbd3db3ba30 Domain anp id 16 failed to reconnect to DC 10.41.1.46

[2015-03-09 15:50:32.483 -03:00] [3958] NTLM: Connected to DC 10.41.1.46 in domain anp

[2015-03-09 19:31:48.314 -03:00] [3958] NTLM: Updated list of trusted domains for domain anp

[2015-03-09 23:31:48.110 -03:00] [3958] NTLM: Updated list of trusted domains for domain anp

[2015-03-10 01:40:40.703 -03:00] [11342] NTLM: Exception "timeout during read operation on message socket 123" when reading data from DC 10.41.1.46 tmpBuf: 0 fBuf: 0 port: 58275

[2015-03-10 01:40:42.740 -03:00] [3958] NTLM: Disconnected from DC 10.41.1.46 in domain anp

[2015-03-10 01:40:42.759 -03:00] [11342] NTLM: Thread 0x7fbd3db3ba30 Domain anp id 16 failed to reconnect to DC 10.41.1.46

[2015-03-10 01:40:47.825 -03:00] [3958] NTLM: Connected to DC 10.41.1.46 in domain anp

[2015-03-10 03:31:47.888 -03:00] [3958] NTLM: Updated list of trusted domains for domain anp

[2015-03-10 07:31:47.725 -03:00] [3958] NTLM: Updated list of trusted domains for domain anp

[2015-03-10 10:28:38.578 -03:00] [11342] NTLM: Exception "timeout during read operation on message socket 71" when reading data from DC 10.41.1.46 tmpBuf: 0 fBuf: 0 port: 38955

[2015-03-10 10:28:40.695 -03:00] [3958] NTLM: Disconnected from DC 10.41.1.46 in domain anp

[2015-03-10 10:28:40.700 -03:00] [11342] NTLM: Thread 0x7fbd3db3ba30 Domain anp id 16 failed to reconnect to DC 10.41.1.46

[2015-03-10 10:28:45.791 -03:00] [3958] NTLM: Connected to DC 10.41.1.46 in domain anp

[2015-03-10 11:31:47.579 -03:00] [3958] NTLM: Updated list of trusted domains for domain anp

[2015-03-10 14:58:07.708 -03:00] [3958] NTLM: Updated account definition for domain anp

[2015-03-10 14:58:07.838 -03:00] [11342] NTLM: Thread 0x7fbd3db3ba30 Domain anp id 16 - shutdown (2)

[2015-03-10 14:58:08.005 -03:00] [3958] NTLM: Connected to DC 10.41.1.125 in domain anp

[2015-03-10 14:58:08.045 -03:00] [3958] NTLM: Updated list of trusted domains for domain anp

Any idea what may be causing this problem of communication?

the problem is in DC or the Web Gateway?

0 Kudos