Troubleshooting
Problem
Unable to get a Secure Gateway connection successful in Planning Analytics on Cloud. Looking closely at the Planning Analytics Administration and it shows the Secure Gateway client connection status as "Disconnected".
Symptom
Secure Gateway client log file shows one of the following errors:
- "The Secure Gateway gateway ID was either not recognized or requires a security token to connect, error was: SELF_SIGNED_CERT_IN_CHAIN
... Process exiting without errors due to user or server request".
- UNABLE_TO_GET_ISSUER_CERT_LOCALLY
Cause
Proxy rule for port 443 and/or 9000 was not added to Zscaler.
Resolving The Problem
If you are migrating traffic from the McAfee proxies to Zscaler. Verify that the firewall rules are migrated to Zscaler as well. In this particular case, the proxy rule for port 443 was not. Once added the server IP and the destination IPs to the server/app rule in Zscaler. That is when the Secure Gateway client connection worked and showed as "Connected".
In order to get a successful Secure Gateway client connection, ensure that the network has external access via port 443 and 9000 (outbound).
Document Location
Worldwide
[{"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSD29G","label":"IBM Planning Analytics"},"Component":"Secure Gateway","Platform":[{"code":"PF016","label":"Linux"},{"code":"PF043","label":"Red Hat"},{"code":"PF033","label":"Windows"}],"Version":"All Versions","Edition":"","Line of Business":{"code":"LOB10","label":"Data and AI"}}]
Was this topic helpful?
Document Information
Modified date:
20 September 2021
UID
ibm11088722