TMS zl Management and Configuration Guide ST.1.0.090213
D-49
Troubleshooting
Troubleshooting the TMS zl Module in Routing Mode
Application Experiences Problems After TMS zl Module Is Installed.
If
If a network application does not work properly after the TMS zl Module is
installed, first ensure that the necessary access policy has been configured to
allow the application’s traffic. The access policy must allow the host to commu-
nicate with the network application on the ports that the application uses.
If you still have problems, complete the following steps:
1. Create a temporary access policy to allow traffic from just the host that
is running the network application. Use the following values:
• Source: Host that is running the application
• Destination: Any
• Service: Any
2. Enable logging on this access policy.
3. Lower the logging level to information and check the log for messages
related to the host.
4. Create or modify the permanent access policy based on the connectivity
information provided by the logs. If IPS is enabled and you see log
messages that indicate packets were dropped because IPS detected a
problem, see “Troubleshooting IPS” on page D-50.
5. When you have fixed the problem, remove the temporary access policy
that you created to troubleshoot the problem.
Troubleshooting NAT
If you suspect that a connectivity issue is related to NAT, complete following
steps:
1. Verify the NAT configuration by completing one of the following:
• From the TMS zl Module’s Web browser interface, click
Firewall > NAT
Policies > Policies
.
• From the TMS zl Module’s CLI, enter:
hostswitch (tms-module-C)# show nat
2. Make sure the appropriate access policy has been configured.
• From the TMS zl Module’s Web browser interface, click
Firewall >
Access Policies > Unicast
.
• From the TMS zl Module’s CLI, enter:
hostswitch (tms-module-C)# show access-policy