For all of the below solutions, you'll need to be logged in, via SSH, to the Command Line Interface ( CLI) terminal.
Follow these steps to get there:
Open a SSH session to to the Director box.
- Enter the enable mode by following the steps.
- director > enable
- director #
- Enter the configuration mode, by following these steps.
- director # config t
- director (config) #
This error can be caused by a variety of problems, Here is a list of what to check while in the CLI.
1: Check to see if the appliance certificate is good.
- In the Director CLI, and while in config mode, execute this command, to display the certificate.
- director (config) # sh ssl appliance-certificate
- Using your own Certificate Authority server (CA) , paste the certificate in, and have it checked.
- For details on how to request a new certificate, see 000011223
2: Check to see if your loopback port is enabled.
While in the configuration mode, enter follow this command, and check the output.
- director (config) # sh interfaces lo
- Interface lo:
MTU size: 16436 bytes
Packets received: 9637
Bytes received: 4740293
Multicast packets received: 0
Input errors: 0
Packets received with bad protocol: 0
Packets received not matching filters: 0
Packets received with short frames: 0
Packets sent: 9637
Bytes sent: 4740293
Output errors: 0
Packets dropped on output: 0
- TIP: If the output is not the same as above - shows the interface as down-, excecute this command.
- director (config) # no interface lo shutdown
3: If you have not followed the recomended upgrade path, you will see the above symptom.
- 220.127.116.11 ->18.104.22.168->22.214.171.124??? ------upgrade path will work.
126.96.36.199(RTM USB image) ->188.8.131.52???- is not supported.
is to follow the steps, as layed out in TFA58
- For a complete list of what upgrade paths Bluecoat recomends you follow, see 000015601
4: Your Director appliance traffic is being blocked by a firewall, network connectivity problems.
- Take a PCAP - sniffer trace- and ensure all traffic is being passed to the Director appliance, from the Client workstation.
- For a list of what ports need to be open to ensure healthy communication between the Java client and Director , see 000015461
5: You are using a DNS name to connect to tour Director appliance, and it has not been setup with a DNS server.
- For the Director Management Console to properly serve you with a log prompt it needs a working DNS server configured. This is because it connects to itself via a SSH session using it's supplied name.
- To test out the health of DNS, follow these steps, using the shell command line.
- sh-2.05b# /etc/init.d/djbdns stat ( checks to see if the DNS service is running)
- sh-2.05b# dnsip google.com ( procures the ip address of google.com)
6: Your workstation is not configured for a Java cache.
- Java caching is not done in the browser , but rather in the java control panel. In the control panel (which varies by windows version ). On XP, you go to <start> Control panel, and select the java icon. Once loaded, click on the 'temporary internet files" button called settings, on the bottom of the first screen. Here, ensure that click box "keep temporary internet files" is clicked.
- For more information on accessing the Java control panel, see Java website LINK
NOTE1: For other symptoms that cause you not be able to access your Director appliance, see FAQ1007
NOTE2: For more details on other CLI commands, see KB4178