Manualshelf

Specifications

ManualsBrandsHP ManualsComputer equipment3350 - Cisco NAC Appliance
601602603604605606607608609610
14-42
Cisco NAC Appliance - Clean Access Manager Configuration Guide
OL-28003-01
Chapter 14 Administering the CAM
Support Logs
Failed sanity check with [x.x.x.x]. The certificate's subject DN of this receiver is not authorized.
This message displays on the Master CAM if the Master does not have the Receiver DN configured or
if the Receiver’s DN is misconfigured under Configure Master page.
To resolve this, navigate to Administration > CCA Manager > Policy Sync > Configure Master on
the Master CAM and ensure the Receiver’s DN is present and/or configured correctly in the List of
Authorized Receivers by Certificate Distinguished Name.
Failed sanity check with [x.x.x.x]. This host is not configured as policy sync receiver.
This message displays on the Master CAM if Policy Sync is not enabled on the Receiver.
To resolve this, Enable Policy Sync on the Receiver.
Support Logs
The Support Logs page on the Clean Access Manager is intended to facilitate TAC support of customer
issues. The Support Logs page allows administrators to combine a variety of system logs (such as
information on open files, open handles, and packages) into one tarball that can be sent to TAC to be
included in the support case. Administrators should download these support logs when sending their
customer support request.
The Support Logs pages on the CAM web console provide web page controls to configure the level of
log detail recorded for troubleshooting purposes in /perfigo/control/tomcat/logs/nac_manager.log.
These web controls are intended as convenient alternative to using the CLI
loglevel command and
parameters in order to gather system information when troubleshooting. Note that the log level
configured on the Support Logs page does not affect the CAM’s Monitoring > Event Log page display.
For normal operation, the log level should always remain at the default setting (INFO). The log level is
only changed temporarily for a specific troubleshooting time period—typically at the request of the
customer support/TAC engineer. In most cases, the setting is switched from INFO to DEBUG or
TRACE for a specific interval, then reset to INFO after data is collected. Note that once you reboot the
CAM, or perform the
service perfigo restart command, the log level returns to the default setting
(INFO).
Caution Cisco recommends using the DEBUG and TRACE options only temporarily for very specific issues.
Although the CAM records logging information and stores them in a series of nine 20MB files before
discarding any old logs, the large amount of logging information can cause the CAM to run out of
available log storage space in a relatively short amount of time.