Case Management

MY PRODUCTS & PLANS

Subscriptions

Product Usage

Trials

Registration Keys

Resources
Downloads
Licensing
Activate F5 product registration key
Ihealth
Verify the proper operation of your BIG-IP system

F5 University
Get up to speed with free self-paced courses
Devcentral
Join the community of 300,000+ technical peers

F5 Certification
Advance your career with F5 Certification
Product Manuals
Product Manuals and Release notes

Manual Chapter : Troubleshooting tips

Applies To:

Show Versions

Show Versions

BIG-IP APM

16.0.0, 15.1.0

Troubleshooting tips

You might run into problems with the integration of Access Policy Manager and OAM in some instances. Follow these tips to try to resolve any issues you might encounter.

Troubleshooting tips for initial configuration

You should	Steps to take
Check network connectivity	Ping the OAM Access Server from the BIG-IP system.
Test without OAM support enabled first	Before you test with OAM support enabled, make sure that the BIG-IP system has basic connectivity to protected applications. Disable the OAM Support property on the virtual server. Verify that you can reach the pool and the application. After succeeding, reenable OAM support on the virtual server.
Check the configuration for accuracy	Confirm that the AAA server object is correct, particularly the OAM server section. Confirm that the AccessGates configured on the BIG-IP system within the AAA server are correct.

Additional troubleshooting tips

You should	Steps to take
Verify access	OAM provides tools for the administrator to test how access policies respond to various requests. Use the Access Tester to test access policies with given identities and for given users. This tool can be helpful in determining whether the access provided by BIG-IP system is consistent with the policies configured under OAM.
Resolve sudden problems	Changes that have been made on the OAM server can cause mismatches on the BIG-IP system due to a configuration cache that is kept on the BIG-IP system. To resolve this problem, delete the cache configuration file of the corresponding AccessGate configuration. Delete the config.cache file located in config/aaa/oam/<filepath>, e.g. /config/aaa/oam/Common/oamaaa1/AccessGate1/config.cache. At the command line, restart the EAM service by typing bigstart restart eam .
Check logs	Enable and review the log files on the BIG-IP system. Most relevant log items are kept in the /var/log/apm log file. This /var/log/apm log file is the primary location for messages related to the operation of OAM. Additional logging is done in /var/log/oblog.log. This file contains AccessGate logging which might be helpful in certain circumstances.