This section deals with connection problems that might occur when connecting a management workstation to a Clavister Firewall.
If the management interface does not respond after the Clavister Firewall has powered up, there are a number of simple steps to troubleshoot basic connection problems:
1. Check that the correct interface is being used.
The most obvious problem is that the wrong interface has been used for the initial connection to the management workstation. The management interface is configured during installation and this is described in Chapter 2, Installation.
2. Check that the management workstation IP is configured correctly.
The second most obvious problem is if the IP address of the management workstation is not configured correctly.
3. Using the ifstat CLI command.
To investigate a connection problem further, use the virtual machine's console after cOS Stream starts. When you press the enter key with the console, The system should respond with the standard CLI prompt. Now enter the following CLI command once for each Ethernet interface:
Where <if-name> is the name of the management interface. This command will display a number of counters for that interface. The ifstat command on its own can list the names of all cOS Stream Ethernet interfaces.
If the Input counters in the hardware section of the output are not increasing then the error is likely to be in the cabling. However, it may simply be that the packets are not getting to the Clavister Firewall in the first place. This can be confirmed with a packet sniffer if it is available.
If the Input counters are increasing, the management interface may not be attached to the correct physical network. There may also be a problem with the routing information in any connected hosts or routers.
4. Using the arpsnoop CLI command.
A final diagnostic test is to try using the console command:
This will show the ARP packets being received on the different interfaces and confirm that the correct connections have been made to the correct interfaces.