Health check troubleshooting
When a health check fails or is down, FortiGSLB Cloud provides the details and reasons for the failure for troubleshooting. The below is a list of frequently occurring error messages and how to troubleshoot them according to each health check type.
DNS health check
Error message |
When this message will show |
How to troubleshoot this error |
---|---|---|
DNS service refused | FortiGSLB sends the DNS query request to your service, but it only gets the response that it was refused, i.e. your DNS server does not have the information about the domain. |
|
DNS record mismatch | FortiGSLB sends the DNS query request to your service, and gets the response from your service for the domain. But the IP address in the response does not match what you have configured in FortiGSLB. | In your FortiGSLB DNS Health Check configuration, ensure the Host Address field matches your domain server IP address. |
DNS request timeout | FortiGSLB sends the DNS query request to your service, but does not get the response from your service within the specified time. |
|
ICMP health check
Error message |
When this message will show |
How to troubleshoot this error |
---|---|---|
ICMP check failed on service | FortiGSLB sends the ICMP echo request to your service, but does not receive the ICMP echo reply from your service. |
|
TCP/TCP Echo
Error message |
When this message will show |
How to troubleshoot this error |
---|---|---|
TCP check failed on service | FortiGSLB sends the TCP/TCP echo request to your service, but does not receive the reply from your service. |
|
UDP health check
Error message |
When this message will show |
How to troubleshoot this error |
---|---|---|
UDP check failed on service | FortiGSLB sends the UDP request to your service, but does not receive the reply from your service. |
|
HTTP/ HTTPS health check
Error message |
When this message will show |
How to troubleshoot this error |
---|---|---|
Connect to server timeout or Connect failed | FortiGSLB sends the HTTP/HTTPS request to your service, but cannot get the response from your service within the specified time. |
|
HTTP received message mismatch | FortiGSLB sends the HTTP/HTTPS request to your server, and gets the response. But the response does not match your configured “Receive String”. |
|
HTTP status code mismatch, the code is 401(Unauthorized) | FortiGSLB sends the HTTP/HTTPS request with the Username and Password to your server, and the server responds with code 401. |
|
HTTP status code mismatch, the code is 404(Not Found) |
FortiGSLB sends the HTTP/HTTPS request to your server, the server responds with code 404. |
|
HTTP status code mismatch, the code is 502(Bad Gateway) |
FortiGSLB sends the HTTP/HTTPS request to your server, and the server responds with code 502. |
|
HTTP status code mismatch, the code is 503(Service Unavailable) |
FortiGSLB sends the HTTP/HTTPS request to your server, and the server responds with code 503. |
|
HTTP status code mismatch |
FortiGSLB sends the HTTP/HTTPS request to your server, and the server responds with an error code not specified above. |
In your FortiGSLB HTTP/ HTTPS Health Check configuration, ensure the Send String field is correct and the Status code is as expected. |
SSL connection error |
FortiGSLB sends the HTTPS request with the certificate to your service and gets an error response that the certificate does not match. |
In your FortiGSLB HTTPS Health Check configuration, ensure the Allowed SSL Versions and SSL Ciphers fields are correct, that the content of the Local Cert is correct. |
Proxy connect error |
FortiGSLB sends the HTTP Connect request to your proxy server, but does not get any response from the server. |
|