Archive

Archive for the ‘troubleshooting’ Category

Microsoft Message Analyzer has Released – A New Beginning

September 26th, 2013 Comments off
Microsoft Message Analyzer

Microsoft Message Analyzer

As the official release of the Microsoft Message Analyzer is here, a new era for troubleshooting and analysis has been defined. The Microsoft Message Analyzer brings a new set of ideas and techniques to make analysis of protocols, log files, and system events allowing  you to virtually explore and correlate any kind of structured message data and traces.

The Microsoft Message Analyzer brings together Event Tracing for Windows, NDIS, Firewall and HTTP Proxy providers to mix and match using Grouping, Quick Filtering or an alternate viewer to see what you want and how it’s connected. You can then save your trace scenario and share it with your colleagues.

You can download the official release of Microsoft Message Analyzer from the Microsoft Download Center her: http://www.microsoft.com/en-us/download/details.aspx?id=40308

You can access the Message Analyzer Team Blog here: http://blogs.technet.com/b/messageanalyzer/

Or access the official Microsoft Message Analyzer Operating Guide here: http://technet.microsoft.com/en-us/library/jj649776.aspx

Analyze Now :)

 

 

Changing the IPHTTPS tunnel certificate in DirectAccess

September 15th, 2010 Comments off

Yet another day of troubleshooting DirectAccess, this time it was about a broken IPHTTPS tunnel. During the troubleshooting we recognized that the client is not able to establish a connection the the IPHTTPS url https://da.domain.com/IPHTTPS, using a network sniffer we could very clear see the server sending a reset packet after the Client Hello message. This indicates that the SSL server is not able to continue communicating using SSL. Knowing that there was a certificate change just a few days before this error occurred we found that the old certificate was still used for the SSL binding at the DA server even though the configuration was reapplied using the DA management console after the certificate change.

When changing the certificate used for the IPHTTPS tunnel it is very important to clear the old SSL certificate binding before adding the new one.

If you configured your DirectAccess using the DA management console follow the steps below to change the IPHTTPS certificate:

·         Run the command: netsh http show sslcert
This will show the current sslcert binding with details about ip, port and the certificate

·         Delete the old bindning using the command: netsh http del sslcert

·         Using the DA management console, select the new IPHTTPS certificate, save an apply the new configuration

If you configured your DirectAccess using scripts or netsh commands to define all setting follow the steps below to change the IPHTTPS certificate:

·         Run the command: netsh http show sslcert
This will show the current sslcert binding with details about ip, port and the certificate

·         Delete the old bindning using the command: netsh http del sslcert

·         Add the new sslcert binding using the command: netsh http add sslcert

 

/Hasain