Symantec Access Management

  • 1.  Bad s21288/r20 request detected: error 'Cannot fetch agent

    Posted Feb 01, 2013 07:16 PM
    Hi Team,

    Below are the error messages we frequently see in our production smps.log file. Can someone please help me in resolving these?

    error 1:

    [9864/4077079440][Tue Jan 29 2013 13:55:55][CServer.cpp:1948][ERROR] Bad security handshake attempt. Handshake error: 3156
    [9864/4077079440][Tue Jan 29 2013 13:55:55][CServer.cpp:1963][ERROR] Handshake error: Failed to receive client ack. Socket error 9
    [9864/4077079440][Tue Jan 29 2013 13:55:55][CServer.cpp:2121][ERROR] Failed handshake with ::ffff:10.39.5.136:54386
    [9864/4087569296][Tue Jan 29 2013 13:55:55][CServer.cpp:1948][ERROR] Bad security handshake attempt. Handshake error: 3156
    [9864/4087569296][Tue Jan 29 2013 13:55:55][CServer.cpp:1963][ERROR] Handshake error: Failed to receive client ack. Socket error 9
    [9864/4087569296][Tue Jan 29 2013 13:55:55][CServer.cpp:2121][ERROR] Failed handshake with ::ffff:10.39.5.136:54389

    error2:

    [9864/3643534224][Tue Jan 29 2013 13:59:17][Sm_Az_Message.cpp:210][ERROR] Bad s21288/r20 request detected: error 'Cannot fetch agent n/x3w2pnan8cblony5gqcmz+2q9cxhjqwa3v8ar0llw5sdy0cl8av6tvj0zgxzyj'

    error3:

    [9864/3664579472][Tue Jan 29 2013 13:47:41][CServer.cpp:2216][ERROR] Failed to send response on session # 18859 : answerswebagent/::ffff:10.39.5.133:51626. Socket error 104
    [9864/3579665296][Tue Jan 29 2013 13:47:41][CServer.cpp:2216][ERROR] Failed to send response on session # 18880 : answerswebagent/::ffff:10.39.5.129:59196. Socket error 104





    Thanks,
    Sandeep Kumar S


  • 2.  RE: Bad s21288/r20 request detected: error 'Cannot fetch agent

     
    Posted Feb 08, 2013 06:45 PM
    Hi All,

    Any ideas here for Sandeep?

    Thanks!
    Chris


  • 3.  RE: Bad s21288/r20 request detected: error 'Cannot fetch agent
    Best Answer

    Broadcom Employee
    Posted Feb 11, 2013 10:16 AM
    Good morning Sandeep,

    We will need some more information to be able to help you. I can provide some generalities but without details it will be hard to provide root cause.

    Questions
    1) Policy server version and CR?
    2) Policy server OS type and version?
    3) Policy server Java type version and bit level?
    4) Has Policy server version been patched with JCE?
    5) Web agent version and CR?
    6) Web agent web server type and version?
    7) Web agent Web server OS type and version?


    You really have several different messages here that could mean different things. I will try to break down each.

    1) Bad security handshake attempt. Handshake error: 3156
    This can be caused by the trusted host being deleted from the policy server.
    This can also be caused by the Policy server Java not being patched with JCE.

    There are some others but these are the most common.


    2) Bad s21288/r20 request detected: error 'Cannot fetch agent
    Usually this one is simple: the users were accessing the application with a bookmarked URL, and the agent keys were rolled over, so the existing encrypted agent name in the URL is not valid.

    3) answerswebagent/::ffff:10.39.5.133:51626. Socket error 104
    Socket error 104 is a standard socket error code.
    104 - A call to bind() function failed.

    This error is returned when an error occurs during the transmission of some
    data/message in our Transaction Layer Interface. This is the layer where
    Agents communicate to Policy Servers. This error message is due to no
    response received from the policy server.

    This can be caused by many things:
    1) Policy server being under too much load, causing agents to close the connection because they did not receive a response from the policy server in a timely manner
    2) There is a load balancer or firewall between web agent and policy server that is closing the connection.

    There are others but these are the most common. Usually a network level trace is required to look into this further.

    If my explanations of the errors you listed answered your question, then there is no need for you to post the details above.
    If you have further questions, then I would suggest including that information in your next post.

    Hope this helps

    Gene
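
A triage sketch for the three error families discussed above, added here as an example; it is not part of the original posts or of any vendor tooling. It parses the smps.log line layout shown in the first post and counts errors by category, by peer address and by numeric error code, so the agent hosts involved stand out before a network trace is taken. The category labels are names assumed for this example, and the sample lines are copied from the first post.

```python
import re
from collections import Counter, defaultdict

# Layout seen in the post: [pid/tid][timestamp][source:line][LEVEL] message
LINE_RE = re.compile(r"^\[\d+/\d+\]\[(?P<ts>[^\]]+)\]\[(?P<src>[^\]:]+):\d+\]"
                     r"\[(?P<level>\w+)\]\s*(?P<msg>.*)$")
PEER_RE = re.compile(r"::ffff:(\d{1,3}(?:\.\d{1,3}){3}):\d+")  # IPv4-mapped peer
CODE_RE = re.compile(r"(Handshake|Socket) error:? (\d+)")

# Category labels are hypothetical names chosen for this example.
RULES = [
    ("handshake_failed", re.compile(r"Failed handshake with")),
    ("handshake_error", re.compile(r"Handshake error")),
    ("agent_fetch", re.compile(r"Cannot fetch agent")),
    ("send_failed", re.compile(r"Failed to send response")),
]

# Sample input: lines quoted in the first post of this thread.
SAMPLE = [
    "[9864/4077079440][Tue Jan 29 2013 13:55:55][CServer.cpp:1948][ERROR] Bad security handshake attempt. Handshake error: 3156",
    "[9864/4077079440][Tue Jan 29 2013 13:55:55][CServer.cpp:1963][ERROR] Handshake error: Failed to receive client ack. Socket error 9",
    "[9864/4077079440][Tue Jan 29 2013 13:55:55][CServer.cpp:2121][ERROR] Failed handshake with ::ffff:10.39.5.136:54386",
    "[9864/3643534224][Tue Jan 29 2013 13:59:17][Sm_Az_Message.cpp:210][ERROR] Bad s21288/r20 request detected: error 'Cannot fetch agent n/x3w2pnan8cblony5gqcmz+2q9cxhjqwa3v8ar0llw5sdy0cl8av6tvj0zgxzyj'",
    "[9864/3664579472][Tue Jan 29 2013 13:47:41][CServer.cpp:2216][ERROR] Failed to send response on session # 18859 : answerswebagent/::ffff:10.39.5.133:51626. Socket error 104",
    "[9864/3579665296][Tue Jan 29 2013 13:47:41][CServer.cpp:2216][ERROR] Failed to send response on session # 18880 : answerswebagent/::ffff:10.39.5.129:59196. Socket error 104",
]

def classify(msg):
    """Return the first matching category label, or 'other'."""
    for name, rx in RULES:
        if rx.search(msg):
            return name
    return "other"

def triage(lines):
    """Return (count per category, categories per peer IP, count per error code)."""
    by_cat, by_peer, codes = Counter(), defaultdict(Counter), Counter()
    for raw in lines:
        m = LINE_RE.match(raw.strip())
        if not m or m["level"] != "ERROR":
            continue  # skip non-ERROR lines and anything not in the expected layout
        cat = classify(m["msg"])
        by_cat[cat] += 1
        peer = PEER_RE.search(m["msg"])
        if peer:
            by_peer[peer.group(1)][cat] += 1
        codes.update(CODE_RE.findall(m["msg"]))  # e.g. ("Socket", "104")
    return by_cat, by_peer, codes

if __name__ == "__main__":
    for name, counter in zip(("category", "peer", "code"), triage(SAMPLE)):
        print(name, dict(counter))
```

To run it against a real log, pass an open file handle to `triage()` in place of `SAMPLE`.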


  • 4.  RE: Bad s21288/r20 request detected: error 'Cannot fetch agent

    Posted Jul 26, 2013 08:05 PM
    Can we please get a list of errors and their meanings? For example: Handshake error: 3155. Thanks for all the help.


  • 5.  RE: Bad s21288/r20 request detected: error 'Cannot fetch agent

    Posted Jul 30, 2013 02:41 PM