Skip navigation
McAfee Secure sites help keep you safe from identity theft, credit card fraud, spyware, spam, viruses and online scams
1594 Views 9 Replies Latest reply: Apr 10, 2014 5:37 PM by msiemens RSS
RayP Apprentice 65 posts since
Sep 8, 2005
Currently Being Moderated

Nov 7, 2012 2:58 AM

The following domain(s) can't be contacted.

Hi,

 

We're using the McAfee Web Gateway 7 (7.1.6.0 12742).

We see the following message in the Dashboard.

 

WebGateway1 07-Nov-2012 06:28:06 The following domain(s) can't be contacted: <domainname.org> (Origin: Authentication)

WebGateway2 07-Nov-2012 05:21:04 The following domain(s) can't be contacted: <domainname.org> (Origin: Authentication)

 

Where can i find more information about this alert.

Nothing can be found in {Troubleshooting} Log Files. Not even the alert itself.

 

Regards,
Ray

  • kent.dyer Newcomer 19 posts since
    Aug 1, 2011
    Currently Being Moderated
    1. Nov 8, 2012 1:16 PM (in response to RayP)
    Re: The following domain(s) can't be contacted.

    Same issue here 7.2.0 (13081).  Anybody?  Bueller?  Bueller?

  • jont717 Champion 291 posts since
    Jan 4, 2011
    Currently Being Moderated
    2. Nov 9, 2012 11:32 AM (in response to RayP)
    Re: The following domain(s) can't be contacted.

    We get these every once and a while too!  7.3

     

    We have 5 domain controllers in the list so I never worried about it when it could not get to one.  If I only had one, I would start to look into the issue.

  • Jon Scholten McAfee SME 857 posts since
    Nov 3, 2009
    Currently Being Moderated
    3. Nov 9, 2012 6:12 PM (in response to RayP)
    Re: The following domain(s) can't be contacted.

    Hi Ray,

     

    What kind of logs were you looking in?

     

    Are you talking about the Authentication debug log (ONLY ENABLE WITH MANAGMENT EVENTS!!!!)? You can find it under Configuration > Troubleshooting. Once enabled this will create logs under Troubleshooting > Log Files > Debug > mwg-core__Auth.debug.log

     

    7.2.x has a number of enhancments regarding Windows Domain Membership, I dont know if they would be related to the issue you are seeing though. As JonT said he see's those messages without any issue occuring.

     

    Best,

    Jon

  • Jon Scholten McAfee SME 857 posts since
    Nov 3, 2009
    Currently Being Moderated
    5. Nov 12, 2012 11:03 AM (in response to RayP)
    Re: The following domain(s) can't be contacted.

    You can enable "log managment events" only if you would like to debug further. Dont enable the other options as it could fill your disk pretty fast (like log authentication events).

     

    Best,

    Jon

  • Jon Scholten McAfee SME 857 posts since
    Nov 3, 2009
    Currently Being Moderated
    7. Nov 19, 2012 11:20 AM (in response to RayP)
    Re: The following domain(s) can't be contacted.

    Hi Ray,

     

    There would not be anything that showed you what happened that night.

     

    You can turn logging for managment events for authentication and this will give you a lot more information on the event. This can be done safely and is actually on by default starting as of 7.2 (for fresh installs).

     

    Best,

    Jon

  • al.johnson Newcomer 22 posts since
    Dec 16, 2010
    Currently Being Moderated
    8. Dec 5, 2012 3:17 PM (in response to RayP)
    Re: The following domain(s) can't be contacted.

    We ran into this a while back (on 7.2.0.1), took a bit to clear things up.  Essentially the AD team were rebooting their controllers.  If we had a MWG connected to it and get a user request, we would throw the error.  Not a problem now that we have configured all our domain controllers in each MWG device, as opposed to putting the DNS names that resolved to all AD DCs.

     

    Logging Management events will put the messages in the Auth.debug.log.  If you need to see the authentication events, do it only for a specifi client IP!

     

    You can identify the error by checking for Incident.Id=903 in your Error Handler Policy.  Then you can write your own error with details as needed.

  • msiemens Newcomer 15 posts since
    Sep 24, 2012
    Currently Being Moderated
    9. Apr 10, 2014 5:37 PM (in response to RayP)
    Re: The following domain(s) can't be contacted.

    We're running 7.3.2.3.0. The Auth_debug log didn't tell me much more than the dashboard other than individual attempts/failures. I had to leave/join the domain to clear this up. When I re-joined, I added a DC for a total of 3.

     

    Since it couldn't authenticate to the domain anyway, I didn't break anything that wasn't already broken. I would like to know why this happens.

More Like This

  • Retrieving data ...

Bookmarked By (1)

Legend

  • Correct Answers - 5 points
  • Helpful Answers - 3 points