PingOne

Troubleshooting a RADIUS gateway instance

If the gateway instance is not healthy, use the information in this section to troubleshoot any issues.

The following information applies to the various gateway deployment scenarios. You can use the gateway details page, gateway logs, or Splunk reports to identify issues. Learn more in Verifying a gateway instance and Monitoring activity with Splunk.

I want to view the audit logs

You can view logs to get detailed information about the Gateway service. The method to do so varies depending on your gateway configuration.

Gateway as a standalone service

By default, log files are saved to the ./logs directory on the computer running the gateway. Log files roll over by date.

To view the logs, locate the ./logs directory. The logs are namedGatewayStandalone.yyyymmdd.log

Gateway as a Windows service

By default, log files are saved to the ./logs directory on the computer running the gateway. Log files roll over by date.

To view the logs, locate the ./logs directory. The logs are named:

  • GatewayService.yyyymmdd.log

  • GatewayWrapper.yyyymmdd.log

    The GatewayWrapper.yyyymmdd.log file mirrors the console output of the standalone version, with additional logs.
Gateway as a Docker container

To view logs for a Docker container, run the following command:

docker logs  <container ID or name>

My connection is taking too long to resolve

If your connection is taking a long time, check the following:

  • If the connection is configured with a string host name, try using an IP address instead.

  • On the server that you want to connect to, ensure that the desired port is open.

  • Ensure there aren’t any routing issues in your infrastructure that could affect the ability of the gateway server to reach the LDAP server or Remote Authentication Dial-In User Service (RADIUS) client.

  • Sometimes it can take several seconds for the connection information to be updated in the console user interface. Try refreshing the page to get the most current information.

I want to increase scalability

For high-availability applications or scalability, you can deploy multiple gateways. You can then run the Windows service, Docker container, or Java application on multiple servers.

When multiple gateways are deployed, PingOne maintains a list of the active gateways and uses a round robin algorithm to route the request to the first available gateway instance. If a gateway is not available, it is excluded from the list of active gateways.

Use a different credential for each deployed gateway instance. Using different credentials allows you to easily revoke access to individual gateways.