Test Connectivity from the Device to the CloudGen Access Proxy
- Get the CloudGen Access Proxy details from the CloudGen Access Enterprise Console.
Try to open an SSL connection to the proxy and confirm that the first lines reference
CloudGen Access Root Certificate Authority.
? openssl s_client -showcerts -servername <proxy_host> -connect <proxy_host>:<proxy_port> CONNECTED(00000006) depth=3 CN = CloudGen Access Root Certificate Authority verify error:num=19:self signed certificate in certificate chain verify return:1 depth=3 CN = CloudGen Access Root Certificate Authority verify return:1 depth=2 CN = CloudGen Access Intermediary Certificate Authority verify return:1 depth=1 CN = CloudGen Access://xxxx-xxxxxx-xxxx/ verify return:1 depth=0 verify return:1 ...
If the request fails or the operation times out, that means that you are not reaching the CloudGen Access Proxy.
Check the following:
- The Proxy Host DNS record is being resolved to the correct IP address.
- The Proxy Host IP address, if using IP instead of DNS, is correct.
- NAT configuration in the device/service that is exposing the CloudGen Access Proxy.
- Firewall rules to allow inbound communication to the configured CloudGen Access Proxy.
Check if the Device Is Trying to Access the Resource with the CloudGen Access App
Check the IP address for the failing resource. It should return an IP in the following range:
- 255.0.0.0/8 for Unix/Linux-based systems
198.18.0.0/15 for Microsoft-based systems
? nslookup myresource.private Server: 192.0.2.5 Address: 192.0.2.5#53 Name: myresource.private Address: 255.0.0.12
Next steps:
- Confirm that the CloudGen Access App is running and the tunnel is started.
- Check that the CloudGen Access App is enrolled in a tenant.
- Confirm the resource is created in the CloudGen Access Enterprise Console.
- Resource list update on CloudGen Access App can take up to 15 minutes. Force refresh if your CloudGen Access App version allows it.