TMS zl Management and Configuration Guide ST.1.0.090213
D-45
Troubleshooting
Troubleshooting the TMS zl Module in Routing Mode
■ If user authentication is enabled, ensure that it is set up correctly,
and the user authenticates successfully.
Finally, you may want to see if user authentication is enabled. If it is, make
sure it is set up correctly. For example, you must set up the appropriate
access policies and ensure that the user authenticated successfully. Keep
in mind that regular access policies will be processed before access
policies that are related to user groups.
Traffic Matches the Intended Access Policy But Does Not Arrive at Its
Destination. When you check the log messages, you may find that the traffic
matched the intended access policy and was permitted. If the traffic does not
arrive at its destination, check the following:
■ Ensure that the appropriate ALG is enabled or that a port trigger
is configured.
Because some applications open data-transfer connections dynamically
by negotiating IP addresses and service ports, they require special han-
dling by the firewall. For these types of applications, ensure that the
appropriate Application Level Gateway (ALG) is enabled.
To view the status of ALGs, enter:
hostswitch (tms-module-C)# show alg
You will see output similar to the following:
aim : Disabled
ftpv4 : Enabled
ike : Enabled
ils : Enabled
ils2 : Enabled
irc : Enabled
l2tp : Enabled
msn : Enabled
netbios : Enabled
nntp : Enabled
pptp : Enabled
rpc : Enabled
rtspv4 : Enabled
smtp : Enabled
sql : Enabled
tftp : Enabled
To enable an ALG, enter:
hostswitch (tms-module-C:config)# alg <alg>