Secure Email Gateway (SEG) Common Issues

Devices do not receive email

If a device does not receive email, the user will typically see a "Cannot connect to mail server" or equivalent error on his/her mobile device. Assuming that the device has not failed an email compliance rule in such a scenario, follow the steps below (in order of priority):

  • Verify connectivity from the SEG server to:
    • Email server
    • API Server - not required typically, unless you feel that compliance rules are not being updated properly on the SEG server, resulting in email sync issues
  • Change the following logs to verbose (for Shared-SaaS environments, first check for errors and then verbose if necessary):
    • Web Listener
    • EAS Integration Service (requires the service to be restarted) - not required typically, unless you feel that compliance rules are not being updated properly on the SEG server, resulting in email sync issues

Once logs are retrieved, run through the process flow and check for known errors in the log files. Some key points to keep in mind:

  • For all practical purposes, the SEG can function in a stand-alone mode without connectivity to the API; however, bulk policy refreshes do not take place during such a time
  • Remember to check for errors that might possibly be returned from the email server (if "received from remote server" or equivalent is seen, it typically means the error is originating at the email server)

 

Bulk policy refresh fails

If compliance rules do not get updated, use the following steps to troubleshoot the issue:

  • Verify connectivity from SEG server to API server
  • Change the EAS Integration Service and api (AirWatch Service) logs to verbose

Once connectivity is verified and logs are in verbose-mode, run through the process flow as discussed above in order to troubleshoot the issue. Some common issues:

  • Network latencies between SEG server and API server, errors seen on the EAS Integration Service log
  • Database timeouts in the API log when retrieving large amounts of data

 

Email Dashboard does not get updated

In case the email dashboard is not updated with the latest information in a SEG deployment, follow the steps below:

  • Change the following configuration files to verbose logging mode (for Shared-SaaS environments, check for errors on non-SEG components, and verbose if necessary)
    • Web Listener
    • EAS Integration Service
    • API
    • MEG Queue Reader Service
  • Check the logs in the following order
    • Web Listener: Check for any errors and attempt to resolve these first (this is the first checkpoint for the device and hence needs to be looked at)
    • EAS Integration Service: Check for errors and attempt to resolve (typical issues include certificate (SSL/TLS) problems or that the service did not restart properly after an install). If the Listener does not throw any errors, it is possible that there is a communication issue from the SEG (EAS Integration Service) to the API
    • API: Check for errors like receiving information from the EAS Integration Service or writing to the AWMegPayloadsQueue
    • MEG Queue Reader Service: Check for errors reading from the queue or writing information to the database

Ping and Sync requests are not logged by default, and hence the dashboard will not update for these requests being issues by the device. These can be enabled in System Settings > Email > Configuration > Advanced section

 

Device events are not being sent to the SEG

Policy update issues are usually observed when an enabled policy seems to fail (e.g. Block unmanaged devices failed to block a newly unenrolled device). In such scenarios, follow the steps below:

  • Change the following configuration files to verbose (for Shared-SaaS environments, check for errors first)
    • Entity that triggers the "device state change event"
    • MEG Queue Reader service (requires service restart)
    • SEGConsole (requires app pool recycle)
  • Check logs for errors:
    • Communication errors between state change triggering entity and AWSegCompliance queue
    • MEG Queue Reader service errors while reading from the queue
    • Communication issues between MEG queue reader service and SEG Console
Have more questions? Submit a request

0 Comments

Article is closed for comments.