This article describes some of the most common issues seen in UNMS and how they will appear in device logs.
Table of Contents
- Connection Error
- Connection Established and Closed
- Problem with AES Encryption
- Connection Error HS: ACCEPT Missing
- Connection Error with SSL
- Connection Terminated by UNMS (While Establishing Connection)
- Connection Terminated by UNMS (While Getting System Info)
- UNMS Connector Can't Access Local Device Data
- How to Switch "udapi-bridge" to Verbose Mode
- Related Articles
This article is intended for users who would like to analyze their own device logs. The following sections describe some of the most common scenarios along with an explanation of how that issue will appear in the device log.
Sep 12 15:20:57 udapi-bridge: connection error (XXX.YYY.ZZZ:443)
This is a generic network error which means that the device can't reach the UNMS server. Check that the device can ping the UNMS server and that it can connect to UNMS via WebSocket with SSL. There is a detailed tutorial on how to verify this on this help article. If the device in question is an EdgeRouter and it is being used as a gateway then it might be a problem with resolving UNMS hostname. See our UNMS - Connecting Devices in Private IP Range article for more information on that.
Jun 12 08:10:12 udapi-bridge: unms: connecting to XXX.YYY.ZZZ:443
Jun 12 08:10:12 udapi-bridge: connection error (XXX.YYY.ZZZ:443): getaddrinfo (ipv4) failed
This is an error in the DNS settings. It is necessary to check that all DNS settings (even secondary ones) are set up properly.
Connection Established and Closed
May 30 13:07:50 udapi-bridge: unms: connecting to XXX.YYY.ZZZ:443
May 30 13:07:50 udapi-bridge: connection established
May 30 13:07:50 udapi-bridge: connection closed
The device successfully connects to UNMS, therefore, no network issue is present, but the connection is closed by UNMS within a second or two. The most common cause is the AES key error. If you follow the AES key error troubleshooting guide but you are still getting the same error messages in the device log, search for IP/MAC of the affected device in the log. You should be able to find a specific reason for device disconnection. Either the device was sending data unreadable by UNMS or UNMS may be overloaded.
Problem with AES Encryption
2017-07-26 11:53:04 ERROR failed to decrypt AES-encrypted message 2017-07-26 11:53:04 ERROR failed to decode message from UNMS
This error means that the AES key for the device does not a match the AES key designated to it in UNMS. There could be several reasons, but the most reliable solution, albeit the longest to configure, would be the following:
- Disable UNMS and remove the UNMS key in the device's UI.
- Click the
deletebutton on the device in UNMS's device list.
- Click the Add Device button in UNMS and copy the UNMS key to the clipboard.
- Paste the UNMS key to the device and enable UNMS.
- The device should now appear as connected in UNMS
Shorter solutions with possible disadvantages:
- Remove the device from UNMS, losing device statistics, backups, etc.
- Use UNMS Remote Discovery which fixes the AES key when the device is connected through it. This solution may be limited since some devices are not able to be discovered.
- If the device is present in UNMS with the triangle error icon and the button 'Reset UNMS key' you can use this button to automatically delete the device's AES key record from UNMS and insert the generic UNMS key into the devices. Immediately after this is done and device is connected again a new AES key is generated for the device and recorded both in the device (as a device-specific UNMS key) and in the UNMS records.
Connection Error HS: ACCEPT Missing
Nov 15 22:43:17 udapi-bridge: connection error (XXX.YYY.ZZZ:443): HS: ACCEPT missing
There are two most common reasons for this error:
1. Incorrect UNMS key
This error will appear when a device with a badly formatted UNMS key tries to connect. An incorrect format could be caused by a forgotten space in the UNMS key string or a non-standard character in front of it:
There are several ways to incorrectly format a UNMS key, so it is recommended that if this message appears in the log, to first identify which device is the cause, and then check its UNMS key for any errors.
2. Error with a custom reverse proxy
This error only affects users that are using their own custom proxy between UNMS devices. Those devices use WebSocket Secure connection (WSS) for communication with UNMS, therefore the proxy must be configured to handle WebSocket communication with TLS properly on its public-https-port. See our example configurations for Nginx and Apache. UNMS brings its own preconfigured Nginx server, so it is not necessary to place a custom HTTPS proxy.
Connection Error with SSL
Sep 1 16:31:37 udapi-bridge: connection error (XXX.YYY.ZZZ:443): lws_ssl_client_connect2 failed
This logline means that the device doesn't trust the UNMS certificate. There could be multiple reasons for this situation:
- A device has a wrong time and it'ss necessary to allow NTP service.
- It is a generic error for UNMS certificate.
Connection Terminated by UNMS (While Establishing a Connection)
Sep 9 14:25:16 udapi-bridge: peer closed connection (status 1000): Connection terminated by UNMS while establishing connection.
Sep 9 14:25:16 udapi-bridge: connection closed
This error will appear when the device can reach UNMS but UNMS terminates the connection. It's typically followed by this error in the UNMS log:
WS - problem with establishing connection from <ip of site>, unexpected data: Error: Unsupported state or unable to authenticate data)
Connection Terminated by UNMS (While Getting System Info)
Jul 28 22:26:41 dapi-bridge: peer closed connection (status 1000): Connection terminated by UNMS while getting system info.
This error means that UNMS can't connect with this device. It could mean that the device's model or firmware is not supported, or that there is a problem with parsing the device info. If you see this error, please contact us via UNMS community. We would like to know your device model, firmware version and see the UNMS logs and device support info.
UNMS Connector Can't Access Local Device Data
2017-08-06 00:37:55 ERROR recv(): socket closed 2017-08-06 00:37:55 ERROR failed to parse header 2017-08-06 00:37:55 ERROR failed to perform EdgeOS socket request 2017-08-06 00:37:55 ERROR connect(): Connection refused 2017-08-06 00:37:55 ERROR failed to initialize stats socket 2017-08-06 00:37:57 ERROR connect(): Connection refused 2017-08-06 00:37:57 ERROR failed to initialize stats socket
These error lines mean that the UNMS connector (
udapi-bridge) can't access the local device sockets and receive device statistics and read configuration. In this case, please send us your device support files. See the following section on how to retrieve more information from
udapi-bridge in verbose mode.
How to Switch "udapi-bridge" to Verbose Mode
In some cases, it will be necessary to have more information than the one provided in a standard device log. To retrieve this information follow these steps:
- Disable the UNMS connection in the device's UI.
- Copy the UNMS key.
- Connect to the device via SSH.
udapi-bridgemanually and check its output by typing in this command:
sudo udapi-bridge -v UNMS-KEY