02-08-2010 09:05 PM - edited 04-08-2010 03:50 PM
I thought this might help some users:
First look at the logs:
- Run a policy trace for a user who has the issue.
- Check the access log for that user.
- Check the client side log "debuglog.log".
This should tell you why the user is failing.
ESAP information can be found in the following link: http://www.juniper.net/techpubs/software/ive/esap/
Make sure you are on at least 6.3x code as anything older does not have engineering support (Note: 6.3 will be end of engineering in March 16 2010 per http://www.juniper.net/support/eol/ive.html).
If you find an issue... see this KB: http://kb.juniper.net/KB12905 (Logs required for Juniper Support Case If Host Checker fails to detect a supported Anti-Virus or Firewall product).
Feel free to reply with your techniques as well.
02-09-2010 08:37 AM
Nice post - maybe you could pin this to the top like some of the firewall troubleshooting posts are pinned.
JNCIS-ENT, FWV, SSL, WLAN
JNCIA-ER, EX, IDP, UAC, WX
Juniper Networks Certified Instructor
Juniper Networks Ambassador
Juniper Elite Reseller
J-Partner Service Specialist - Implementation
If this worked for you please flag my post as an "Accepted Solution" so others can benefit. A kudo would be cool if you think I earned it.
03-26-2010 04:43 PM - edited 03-26-2010 04:43 PM
This is a good KB12905. You have done an excellent job. It would be nice to inlcude location for MAC and Linux clients
Host Checker stores the log files in the following location on the Macintosh client:
Host Checker installs the following log files on Linux systems.
03-29-2010 01:35 AM - edited 03-29-2010 01:35 AM
To add a note on the Virus Scanner side of it; I find it very handy to check the Virus Update XML for the current
list of sigs - helps when a user says they have the latest and all I have in syslog is the software version.
EndPoint Security -> Virus Signature version monitoring -> Download Path