General Troubleshooting Tips
Here are just a few quick things to check if you are experiencing problems:
>Ensure that the date and time are set correctly.
>Check that NTLS is bound to the correct Ethernet port. It must be bound to a port if it is to work, and that port must be the one that is connected for NTLS.
>Ensure that the client is registered with the correct ip/hostname (or that you spelled it correctly, didn't accidentally transpose any characters, used only valid characters, etc.).
>Ensure that the client is given access to the correct partition (again, be sure that it is spelled correctly; be careful of similarly named or numbered partitions).
>Ensure that the sysconf regencert command was properly executed (with the IP address, if using IP mode).
>Check the output of the syslog for any information on potential problems with syslog tail.
>If you see an apparent 'hang' condition, connect and check the PED - it may be waiting for a PED action.
>Check if you allowed the PED to time out, or if you started a command that needed PED action while the PED was not connected. You will need to re-issue the failed command after re-inserting the token, and pay attention to the PED.
>If RSA signing seems slow, check the Capabilities and Policies to ensure that Confirmation (policy #29) is switched off - if your security policy demands that signing operations must be verified on the HSM, then expect almost a 50% performance reduction.
>If you perform a Restore from Backup operation and some or all of the objects are shown with an error message like "LUNA_RET_SM_ACCESS_DOES_NOT_VALIDATE", you might have interrupted the restore operation (even a partition contents command could have this effect). Re-issue the Restore command, ensuring that no other commands are run against the partition while the operation is in progress - if other persons might be using their own SSH sessions to access the appliance, it might be best to disconnect the network cable and perform your restore operation from the local (serial) console.
