Is there any document/guide describing in detail how to interpret DART logs for AnyConnect troubleshooting?
I am trying to troubleshoot a single-user AnyConnect connection issue using DART logs for the first time. A user received a new corporate laptop and since then he is unable connect to VPN from home.
There are a lot of generated logs and i am trying to figure out what could be a useful clue, and what is noise.
For example, I see these logs (between many others) from the day the user received new laptop:
A new network interface has been detected. Network Interface change detected, refreshing physical MAC addresses The client's public address is now set to x.x.x.x DNSREQUEST_ERROR_NO_SUCH_NAME Failed to resolve [A] query vpn.companyname.com via DNS server y.y.y.y Host z.z.z.z could not be resolved to an IPv4 address NETENVIRONMENT_ERROR_DNS_RESOLUTION_FAILED:Domain name resolution of the host targeted by the network probe has failed SOCKETTRANSPORT_ERROR_CONNECT_TIMEOUT HTTP_PROBE_ASYNC_ERROR_CANNOT_CONNECT HTTPS (host z.z.z.z) NETENVIRONMENT_ERROR_PROBE_INCOMPLETE:Network Probe could not contact target
And then these same logs pretty much repeats again and again.
Maybe someone could give some troubleshooting tips given this output of DART logs?
There is no guide that I know that explains how to read DART logs. I can highlight a few tips from experience:
1) DART logs every connection, so there could be multiple sessions. Start from the last "has been requested by the user" message on wards to that you only have to deal with one connection attempt. Separate them all logs from that point into a separate text file.
2) Look for Errors in the type under each message. You should see something like "Type: Errors". This may not always be the case, but most of the time a connection failure has one Error type message that is related.
3) Correlate the exact failure time with the DART message. Anyconnect connections could take anywhere from 15-90 seconds for a normal attempt. If you can note the exact time when the user received the message (including seconds), go backwards from there and look for an error that corresponds to it.
Hope this helps.
Hello Rahul/TAC team,
We have a user , who is facing VPN when switches from LAN to WLAN he is fine but from WLAN to LAN he faces issues.
Attached are is DART bundle logs. Further we had some internal discussion and it came up some issues with Trusted Network Detection (TDN), could you please let us know what is it by some definition and please help us in how to review these logs.