Preliminary Troubleshooting for Cloud Authentication Failure in ADS, NTA and ADSM

Preliminary Troubleshooting for Cloud Authentication Failure in ADS, NTA and ADSM

February 1, 2024 | NSFOCUS

If the virtual product uses cloud authentication, it needs to communicate with the cloud authentication center periodically every day to complete the authentication and ensure availability. You can confirm the authorization mode by checking the Authorization Mode of the license. For example, in the image below, NTA uses cloud authorization.

If the product fails to communicate with the cloud authentication center for a continuous number of days, it will enter an unauthorized status, causing the engines to be deactivated, and unable to perform any configuration or upgrade processes. If you encounter issues with cloud authentication failure or authorization entering an offline state, you can try the following preliminary troubleshooting steps. If the issue persists, please contact the support team for further assistance.

1. Check DNS Configuration

Ensure that the device’s DNS is properly configured to resolve the cloud authorization address.

2. Collect the cause of authorization failure in running logs

If “Error server IP or port” is displayed, the error is basically a network connection problem. Please check the network connection, wait a longer time, or try to switch the authorization site.

3. Verify Network Connection

Check the reachability of the network connection between the product and the cloud authorization center. You can perform a ping/tracert/telnet from the product to the authorization center. The product utilizes a random port to communicate with the cloud authorization on port 5050 for the authorization process. Ensure there is no port-blocking issue. Additionally, it’s important to note that this communication is bidirectional, so both inbound and outbound communication should be allowed.

Device Random port <-> Cloud Server (auth.nsfocusglobal.com, auth.api.nsfocus.com) 5050 Port

Try to capture packets from the product management IP addresses to the cloud authorization center to further analyze the communication.

4. Try changing the cloud authorization center to exclude the network fluctuation issue.

If the issue persists, please feel free to contact the support team for further assistance.