Product Documentation

Generating the Secure Gateway Diagnostics Report

Oct 09, 2015

The Secure Gateway Diagnostics tool presents configuration information and results of communication checks against servers hosting components such as the global settings, network protocols, and certificates. It is a quick and easy way of performing a series of checks to ascertain the health and status of the Secure Gateway components.

To launch the Secure Gateway Diagnostics tools, click Secure Gateway Diagnostics from the Administration Tools found in the Citrix program group or from the Secure Gateway Management Console on the Start menu.

The diagnostics tool scans the registry and reports global settings for the Secure Gateway. It uses the Secure Gateway configuration information to contact servers running the Web Interface, the Secure Gateway Proxy, and the STA, and reports whether or not the communication check passed or failed. It examines the server certificate installed on the server running the Secure Gateway and checks credentials and validity.

In the Secure Gateway Diagnostics window, information icons indicate that a registry or configuration value is present:

Information icon A registry or configuration value is present.
Warning icon A registry or configuration value is missing.
Passed check icon A communication check for the component passed.
Failed check icon A communication check for the component failed.

For any component marked with a warning or failed check icon, verify that you properly installed the component and provided all necessary configuration information.

Viewing the Secure Gateway Events

Event logging allows administrators and Citrix support representatives to diagnose problems with the Secure Gateway.

To view Secure Gateway events

  1. Open the Control Panel and double-click Administrative Tools.
  2. Double-click Event Viewer.
  3. Expand the Applications and Services Logs node and select Secure Gateway. All errors and events generated by the Secure Gateway appear in the right pane.
  4. To view additional information, double-click an entry in the right pane. The General tab contains the event ID and a brief description of the Secure Gateway error.

Logging Events with the Secure Gateway Event Viewer

The Secure Gateway Event Viewer is a customized Windows Event Viewer that displays errors and events generated by the Secure Gateway. The error messages include:

Messages of normal operational events, such as starting or stopping the Secure Gateway.
Messages of operational failure events that prevent the Secure Gateway from starting.
Messages regarding a partial failure of the Secure Gateway.
Messages logged as a result of events such as corrupted data requests, data packets received, or ticket time-outs.
Messages that are logged as a result of client connection events.

The Secure Gateway error messages can be viewed using Windows Event Viewer.

If a client is connected to the Secure Gateway and the Secure Gateway is restarted, the Secure Gateway does not generate service stop and service start event log messages. If a client is not connected and the Secure Gateway is restarted, Secure Gateway does generate these messages.

Viewing the Secure Gateway Access Logs

The access logs generated by the Secure Gateway service record connection information. For the Secure Gateway, the access logs record HTTP, SOCKS, and CGP connection information. The Secure Gateway Proxy access log records SOCKS connections. Each access log provides specific information regarding connections.

To view the Secure Gateway access logs

  1. Open Windows Explorer.
  2. Navigate to the following path: The default path for the error logs is the installation path for the Secure Gateway or the Secure Gateway Proxy, typically %systemroot%\Program Files\Citrix\Secure Gateway\logs.
  3. Open the log file with an ASCII text editor such as Notepad.