Understand the common errors that can occur after the Content Gateway configuration on Unified Access Gateway.

Content Gateway does not have specific error codes or messages to communicate the errors. You can identify the errors in the Content Gateway instance using the standard HTTP status codes. To troubleshoot errors on Unified Access Gateway, see Troubleshooting Unified Access Gateway Deployment.

Connection and Repository Error Logs

Log files on Content Gateway test connection failures, repository-related errors when accessed through Content Gateway, upload or download related issues from the device can be obtained from the Unified Access Gateway log archive. You can download the UAG-log-archive.zip file from the Support Settings section in the Unified Access Gateway Admin UI. For more information on log files, see Collecting Logs from the Unified Access Gateway Appliance.

Verify Packet Install Status

To check information about a specific package installed on the Unified Access Gateway Photon Machine, use the following command:
 $ tdnf info <packagename>

Verify Content Gateway Connectivity

To check the health API endpoint connectivity, use the following URL on your browser.
https://<UAG_Content_Gateway_URL>:<port>/content/awhealth

The URL returns the HTTP status as 403 on the browser. You must mention the port if Content Gateway is configured using any port other than 443 on Unified Access Gateway.

Identify Network File Share Errors

Verify the status of the SMB connector on the Unified Access Gateway where Content Gateway is configured. The status of the SMB connector helps to identify Network File Share related errors like test connection errors, synchronization, upload, or download errors on the device.
  1. Open the Unified Access Gateway console through VMware v-Sphere.
  2. To open the SMB connector folder, run the required command.
    $ cd /opt/airwatch/content-gateway/smb-connector/
  3. To export the SMB connector library, run the required command.
    $ export LD_LIBRARY_PATH=$LD_LIBRARY_PATH:/opt/airwatch/content-gateway/smb-connector/lib/
  4. To run the SMB library, run the required command.
    $  ./smbconnector

    To ensure that there are no SMB connector errors on the Unified Access Gateway Photon Machine, verify the SMB output.

Verify Content Gateway Traffic

Verify that the Content Gateway configured on port 443 (standard port) internally reroutes the traffic on port 10443.

  1. To install the tcpdump & ethtool, run the required command.
    $ "/etc/vmware/gss-support/install.sh"
  2. To verify the traffic flow on a specified port, run the required command.
    $  tcpdump -i any -n -v tcp port 10443 -w <filename.pcap>
  3. To verify the traffic, perform the test connection of Content Gateway on the Workspace ONE UEM console.

    To verify the traffic, perform the test connection of Content Gateway on the Workspace ONE UEM console.

Content Gateway Domain Join Configuration

This section provides information about the different domain join configurations for the SMB connector.

DNS Resolution Using the Hosts File

If the environment does not have any DNS servers or they are unreachable, add local configurations in the hosts file. You can add host entries to the host file using the Host Entries parameter available on the Unified Access Gateway Admin UI.

Configure Multiple Repositories and the Same Domain

If all users on the same domain are accessing multiple file share repositories through Content Gateway, the domain can be added into smb.conf for a quicker resolution. Adding the domain to smb.conf helps the users to avoid entering domain names while providing login credentials.
  1. Navigate to /opt/airwatch/content-gateway/smb-connector/smb.conf and uncomment the workgroup section.
  2. Add the user domain to the smb.conf file.

    The following image displays a domain that is added to the smb.conf file:

Configure DNS for Host Name Resolution

If short names are used or if host names of target shares are not resolved, perform the following configurations.
  1. Add the DNS Server.
    1. Navigate to /etc/resolv.conf and open the resolv.conf file.
    2. Add DNS server IPs in the resolv.conf file.

      Adding server IPs directs the queries to the appropriate DNS server. Add multiple servers in multiple lines.

  2. If shares are not provided or configured as FQDN, and DNS servers do not resolve them properly, add Fully Qualified Domain Name (FDQN) to Search.
    1. Navigate to /etc/resolv.conf and open the resolv.conf file.
    2. Add the search parameter and provide the FQDNs that you want to be queried.

      Multiple entries can be added by separating the entries with space.