40.3 Troubleshooting the NetWare Access Gateway

40.3.1 Additional Options During the Boot Process

You can enter additional commands during the boot process to enable monitoring of the load process and local maintenance.

  1. Boot the machine and wait for the following screen:

    =================================================================
Loading Bootstrap ...
Preparing to start NetWare ...

Press any key to Interrupt
=================================================================

  2. Press any key. The following menu appears:

    =================================================================
Default NetWare configuration file detected (CONFIG.NW) Contents:
-LS 1024 -CON "Booting Novell(R) Access Gateway 3.0" -L

Type:
S to start NetWare
P to specify additional starting parameters
H for help
Enter selection:
==================================================================

  3. Enter P, then the following parameter:

    -NetWareOnly

  4. To start NetWare, enter S.

    The NetWare Access Gateway boots to the NetWare prompt, so you can do local maintenance.

  5. (Optional) During the blue screen where all the modules are counted in the load process, enter one of the following keystrokes:

    • To unlock this screen so you can see the loading process, press SHIFT+CTRL+ALT+U.

    • To boot to the NetWare command line, press SHIFT+CTRL+ALT+N.

    As a memory aid for the two key sequences, remember that U indicates unlock, and N indicates NetWare.

40.3.2 Unlocking the NetWare Access Gateway Console

Before you can enter NetWare commands or view the logger screen, you must unlock the console.

  1. To unlock the console, enter

    unlock

  2. When prompted for a password, press Enter.

    The console is now unlocked and the active screen is the device manager screen. From this screen you can enter device manager commands.

  3. To switch to the logger screen or other NetWare screens, enter 

    debug

  4. When prompted for a password, enter 

    proxydebug

  5. To switch from the device manager screen, press Ctrl+Escape and enter the screen number.

40.3.3 Setting the Date and Time at the Console

If you inadvertently set the date and time on the Access Gateway to a time before the certificates are valid, the Administration Console is denied access to the Access Gateway and can no longer interact with it. To correct this problem, you must reset the date and time at the Access Gateway console.

  1. Unlock the console.

    For instructions, see Section 40.3.2, Unlocking the NetWare Access Gateway Console.

  2. Switch to the device manager screen.

  3. Enter the following command:

    set date [year=<yyyy>,] [month=<mm>,] [day=<dd>,] [time=<hh:mm:ss>]

    Replace the variables with the following values:

    <yyyy>

    Replace with a four-digit value representing the current year, such as 2007.

    <mm>

    Replace with a two-digit value representing the current month, with 1 representing January and 12 representing December.

    <dd>

    Replace with a two-digit value, from 1 to 31, indicating the current day of the month.

    <hh:mm:ss>

    Replace hh with a two-digit value, from 1 to 24, indicating the current hour. Replace mm with a two-digit value, from 0 to 60, indicating the current minutes. Replace ss with a two-digit value, from 0 to 60, indicating the current seconds.

    For example, to set the date to December 1, 2006 and the time to 10:10 am, enter the following:

    set date year=2006, month=12, day=1, time=10:10:00

    The set date command disables NTP. Use the Administration Console to enable it.

40.3.4 Command Line Options

Access Manager has been designed to use the Administration Console for most management and configuration tasks. If you have created a group for your Access Gateways, Novell highly recommends that you use the Administration Console for these tasks.

The Access Gateway does not push configuration changes to the Administration Console. As soon as you make a change at the Administration Console and save the change, the Administration Console pushes the change to the Access Gateway and wipes any changes that have been made manually with the command line interface. Various troubleshooting tips explain how to use various command line options; other than troubleshooting, you should have very little cause to use them.

The NetWare Access Gateway uses the SET command syntax for its command line options. You must unlock the console to gain access to the command line prompt. (See Section 40.3.2, Unlocking the NetWare Access Gateway Console.)

To get a list of possible commands, enter the following command at the command line prompt:

help

To get help for a particular command, enter 

help <command_name>

Replace <command_name> with the name of a command, such as set.

40.3.5 Telnet Fails after Performing an Upgrade

After preforming an over-the-wire upgrade, Telnet does not allow you to connect. To correct this problem, enter the following command at the NetWare Access Gateway console:

clear adminacl serveraddress

40.3.6 SSL Certificate Error with X.509 Authentication from NetWare Access Gateway

If you set up an X.509 contract and use it to authenticate from the NetWare Access Gateway, you might see an error generated for the SSL certificate, causing possible problems authenticating with certificates. This occurs during SSL re-negotiation between Tomcat and the Internet Explorer browser, and is possibly an Internet Explorer bug. This error does not occur when using Firefox.