How to collect data for ADC Gateway, Storefront, and VDA issues
book
Article ID: CTX280921
calendar_today
Updated On:
Description
To provide a comprehensive guide on how to properly collect data for issues with ADC when these issues are related to Gateway, Storefront, or VDA connectivity issues.
Instructions
These steps should be followed in the order provided to ensure the necessary date is captured. Additional information is provided for some steps marked by "**".
Test PC refers to the PC (or thin client) used to replicate issues.
- On the Test PC, Install the latest version of Wireshark, when prompted install WinPcap, and use the defaults for any prompts. Open Wireshark and Select the correct Ethernet or WiFi adapter from the Capture section.
- Enable Receiver/Workspace Debug logging: https://support.citrix.com/article/CTX141751.
**This step can be skipped if the issue is being replicated using a Browser** - On the Test PC Log off Receiver/Workspace and FULLY Exit. Ensure the Receiver/Workspace Tray Icon is exited as well.
**This step can be skipped if the issue is being replicated using a Browser** - On the ADC, Ensure Debug logging is enabled at System->Auditing->Change Auditing Syslog Settings->Set Log Levels to ALL->Click Ok.
- On the ADC, Ensure Debug logging for Auth is enabled at Gateway->Global Settings->Under Authentication Settings click Change authentication AAA Settings->For BOTH "AAA Session Log Levels" and "AAAD Log Level", set both to DEBUG -> Click Ok.
- On the ADC, Ensure Session Reuse is Disabled on the relevant Gateway at Gateway -> Vservers -> Edit Vserver -> SSL Parameters -> Uncheck “Enable Session Reuse”.
**This should not cause service interruptions and ensures traces will decrypt** - On the ADC, Ensure Session Reuse is Disabled on the Storefront LB Vserver (if you have one) at Traffic Mgmt -> Load Balancing -> Vservers -> Edit Vserver -> SSL Parameters -> Uncheck “Enable Session Reuse”. Repeat for all Services and Service Groups bound to the LB Vserver.
**This should not cause service interruptions and ensures traces will decrypt** - On the ADC, Go to System->Diagnostics->Start a trace, start the trace using the settings in the image; be sure to change all highlighted items.
**NOTE: Preference is that the trace is unfiltered, however if you absolutely must filter the capture, ensure you capture all these items: CONNECTION.IP.EQ(ClientIP) || CONNECTION.IP.EQ(VIP_VserverIPs) || CONNECTION.IP.EQ(Storefront_Server_and_Vserver_IPs) || (CONNECTION.PORT.EQ(514) || CONNECTION.PORT.EQ(8766)
**SSL Master Keys are not your private keys; they are session keys while will only decrypt this trace. This does Not work with FIPS ADCs as the SSL Session Keys cannot be captured from the FIPS HSM.**

- Ensure the trace is running and you acknowledge the decryption message prior to proceeding.

- On the Test PC, in Wireshark, Ensure the correct adapter was selected and then click the Blue Shark Fin icon underneath "File" to start capturing.
- Start Workspace Tracing.
**This step can be skipped if the issue is being replicated using a Browser** - On the Test PC, open Incognito Browser Window (or Workspace whichever is applicable for the issue) and replicate the issue.
- Take note of the exact time when the issue is replicated and provide it to your support representative via Email.
- If this is a VDA issue, capture the IP of the VDA connected to and provide it to your support representative via Email.
**This can be skipped if not a VDA issue** - On the Test PC, stop the Wireshark trace by clicking the Red Square next to where the Blue Shark Fin was. Click File->Save and Save the trace as clienttrace.cap
- On the test PC, stop the Receiver Tracing, and Collect the logs.
**This step can be skipped if the issue is being replicated using a Browser** - On the test PC, capture the Internal IP (ipconfig) and External IP (whatsmyip.org) and provide them to your support representative via Email.
- On the ADC, stop the trace and Download the .cap files and the .sslkeys session keys files.
- On the ADC, Generate a support file at Diagnostics->Generate support file, Select NODE. This will take some time to complete; be sure to download the generated file and provide it at step 22 below.
**The support file can also be manually collected using CLI command "show techsupport". Then download the file using WinSCP and locate the file at /var/tmp/support/collector_P_IPADDR_DateAndTimeCaptured.tar.gz** - If this is a Storefront related issue, such as SSO or enumeration, export the Event Viewer logs from Storefront by the below process.
**This should be skipped if not a Storefront SSO or Enumeration issue**
a) Highlighting all Event Logs for the time-frame in question
b) Clicking Save All Events As.. .on the right Actions Menu
c) Providing a filename and Clicking Save
d) In Display Information Dialogue, selecting the options as displayed
e) Zipping up the saved EVTX file along with the LocaleMetaData folder

- Upload all files listed below to https://cis.citrix.com - If you cannot access the link from within your company, utilize a different internet connection or PC to upload the files.
ADC Traces
ADC SSLKEYS
ADC Support File downloaded from step 19
Client Trace zip
Receiver Tracing zip (if collected)
Storefront EventLogs (if collected) - Do not forget to email the information from steps 13, 14, and 17.
Issue/Introduction
A comprehensive guide on how to properly collect data for issues with ADC when these issues are related to Gateway, Storefront, or VDA connectivity issues.
Was this article helpful?
thumb_up
Yes
thumb_down
No