Troubleshooting

Network or proxy configuration changes can disrupt connectivity to EcoStruxure IT. To restore the Gateway's connection to EcoStruxure IT, verify that: The computer the Gateway is installed on is available. The Gateway is installed on a computer that is always on, and it is connected to the internet. You can log into the EcoStruxure IT Gateway. Once you have verified the Gateway is connected to the internet: Restart the Gateway Service. See how Check the EcoStruxure IT mobile app to verify the connection to EcoStruxure IT. Restart the computer running the Gateway if possible. Check the EcoStruxure IT mobile app to verify the connection to EcoStruxure IT. Navigate to well-known domain names to verify DNS is working. Check your network settings with your IT team. If the Gateway still cannot connect to EcoStruxure IT, contact your IT team to verify they have not made network infrastructure changes that block outbound traffic. Ask them to check the configuration of the computer running the Gateway against the System requirements for EcoStruxure IT Gateway.

WARNING This procedure will temporarily stop the service. Some sensor or alarm updates might be missed until the service restart is complete. This should only be done under the direction of Customer Support.  In the examples below, replace X.X.X with your Gateway version number.   Windows Go to Control Panel > Administrative Tools > Services. Restart the "EcoStruxureITGateway Server - X.X.X" service. Linux Open Terminal and run:  sudo systemctl restart EcoStruxureITGateway-X.X.X.service NOTE: The systemctl command can be run from any directory by sudo users.

This tool can walk SNMP1, SNMP3, Modbus, Redfish, NetBotz, and FTP devices, gathering current values or files to facilitate DDF development or debugging for Data Center Expert or EcoStruxure IT Gateway.   Specific information about how to create a walk file for different DCE versions is here.   Modbus.org announced it is expunging all occurrences of inappropriate language of the query and response paradigm of Modbus communications. This tool was updated to comply as of version 1.9.1. More...   Requirements   Windows 10+ or Windows Server 2012+ Admin access to Command Line or Windows PowerShell   Getting started   1. Unzip the file walker_version_Windows.zip 2. Navigate to the folder you unzipped in step 1.  There should be a file called "walk.bat" in the folder. 3. Right click the file and click Open.   How to run your first command   The general usage is: <protocol> -ip <ip> <options>   Example: snmp -ip 192.169.0.10   Note: To read more about each command while you run the program, type help followed by the command you need help for. Example: help snmpv3   idea_icon_360009259237.png There are several example commands below. Make sure to follow the structure carefully.   Running a command generates a walk file that is named using the IP address and a *.walk, *.json, *.txt", or *.xml extension. The file is saved to the folder where you ran the .bat script. If you are running a walk that retrieves raw files, such as FTP, these are saved as files.zip.   Example output: 192.169.0.10.xml Example with file retrieval: 192.169.0.10.txt and files.zip   Troubleshooting   If you're having trouble connecting to a physical device, check with your network administrator to confirm that the device is enabled for the protocol and login credentials (if applicable) you are using to connect.   Device walks can take a long time to complete. A walk usually completes within 20 minutes for a slow connection.   If your walk fails to complete, it might be worth taking a break. Many protocols struggle to handle excessive repeated requests. If the walk seems to be hanging, try waiting a few hours and try again; this gives the device time to discard any old sessions and start accepting new ones. If the walk still fails, contact support for assistance.   If your Modbus poll output file does not get generated and you are running the walk.bat file as an administrator, try closing the program, right-click "walk.bat", and select "Open" (not "Run as administrator"). Usage details   SNMP V1   Defaults   - ip: REQUIRED - port: 161 - file: <ip>.walk - read: public - write: private - retries: 2 - timeout: 5 - enableBulkRequest: false   Examples   snmp -ip 192.169.0.10 snmp -ip 192.169.0.10 -port 8161 snmp -ip 192.169.0.10 -read pass   SNMP V3   Argument valid values   - authType: MD5, SHA - encType: DES, DES3, AES128, AES192, AES256   Defaults   - ip: REQUIRED - port: 161 - file: <ip>.walk - username: REQUIRED - authType: - authPassword: - encType: - encPassword: - retries: 2 - timeout: 5 - enableBulkRequest: false   Examples   snmpv3 -ip 192.169.0.10 -port 161 -username XXXX -authType MD5 -authPassword XXXX -encType DES -encPassword XXXX   snmpv3 -ip 192.169.0.10 -port 161 -username XXXX -authType SHA -authPassword XXXX -encType AES128 -encPassword XXXX    snmpv3 -ip 192.169.0.10 -port 161 -username XXXX    snmpv3 -ip 192.169.0.10 -port 161 -username XXXX -authType SHA -authPassword XXXX    Modbus   This requires a separate text file specifying which registers to read. See input.txt for formatting and examples.   WARNING: Excessive Modbus requests can overwhelm the device. Keep the number of selected registers as small as possible.   NOTE: The walker will output an XML file with the naming convention {ip_address}-{server_id}.xml (e.g., 12.34.56.789-1.xml). If this file does not get generated and you are running the walk.bat file as an administrator, try closing the program, right-click "walk.bat", and select "Open" (not "Run as administrator").   Defaults   - <ip>: REQUIRED - port: 502 - file: - server: 1 - input: input.txt - maxReads: 100 - walk: true - function: - start: 1 - count: - print:   Examples   modbus -ip 192.169.0.10   modbus -ip 192.169.0.10 -port 5020 -server 2 -input registers.txt   Redfish   Defaults   - ip: REQUIRED - port: 443 - file: <ip>.json - username: REQUIRED - password: REQUIRED   Example   redfish -ip 192.168.0.10 -username user1 -password pass   NetBotz   Defaults   - ip: REQUIRED - port: 80 - file: <ip>.json - username:  - password:  - useSSL: false   Examples   netbotz -ip 192.168.0.10 -username user1 -password pass   netbotz -ip 192.168.0.10 -username user1 -password pass -useSSL   FTP   Defaults   - ip: REQUIRED - port: 21 - file: <ip>.json - username:  - password: - walk: true - download_file:   Example   ftp -ip 10.155.55.55 -username apc -password apc

Issue Some Gateway Appliances were shipped with bad ISO images. The networking functionality does not work properly on affected units.    Symptoms A system plugged into LAN 2 is unable to receive a DHCP address  A system plugged into LAN 2 with a statically assigned IP is unable to reach Webmin  The appliance does not receive an IP address when connected on LAN1  Affected Units Affected units were assembled in or prior to November 2019.  The assembled date is found on the package label.   appliance_assembly_date_360016634397.png   What To Do Contact Customer Support for assistance with this issue.      

The Gateway is prevented from being installed or starting up when the web server port 443 is being used by another application. ?name=inline-1165840792_360007940277.png To find the application using port 443: On Windows, type the command: netstat -aon | findstr 443 mceclip0_360007940277.png On Linux, type the command: sudo netstat -tulpn | grep :443  The last column of the output tells you which PID is listening on that port.  

The device name is polled during the discovery process only, not during a regular polling period. If you change the name of a device after it has been discovered in the Gateway, the new name will not appear in the device list automatically. To manually update device atrributes in Gateway versions 1.8.1 and later: Log in to the Gateway. Go to the device and click the Details tab. Click Retrieve details. In previous Gateway versions, rediscover the device to update its name. In general, static values for device attributes are only polled at discovery, for example, the items on the device details page. Sensor measurements are polled during the regular polling period.

There are a number of reasons EcoStruxure IT may not be able to communicate with a device during discovery, or communication could be lost some time later. There are things you can check to verify proper SNMP communication.   EcoStruxure IT is vendor neutral. Configuration options may differ from device to device. For information about APC devices and Data Center Expert, see here.   Initial configuration for discovery The devices you want to monitor must first have SNMP enabled. Only one SNMP version should be enabled on a device at a time, either SNMPv1 or SNMPv3.    SNMP v1 Once enabled, specify the read community name to access information on the device. You may also need to specify the write community name.   If you specify an IP address or an address range, only those systems will be allowed to use the community names. For troubleshooting purposes, it is best to leave the IP address at all zeroes (0.0.0.0) to allow the community name to be read by any system. After communication is established, you can change these options.   SNMP v3 Security for SNMPv3 includes User Name, Authentication Passphrase, Privacy Passphrase, Authentication Protocol, and Privacy Protocol. These must be noted and are required to communicate with EcoStruxure IT using SNMPv3. Once configured, you can enable each profile individually and associate it with a specific IP address or address range.   When AES is configured on the APC Network Management Card (NMC), choose AES-128 in the Gateway user interface.   EcoStruxure IT Gateway versions older than 1.15 do not allow discovery of SNMPv3 devices with the Authentication Passphrase and Privacy Passphrase set to None.   Device library files The EcoStruxure IT Gateway needs one or more files in its device library to communicate with a device and display device information. These are XML files that contain the SNMP OID information for specific sensors in the proper format.   The Gateway device library contains files for APC devices, many other well-known manufacturers, and one for a generic UPS. If EcoStruxure IT does not have the file for a device you want to monitor, you can contact Device Support to request that one be created.    Troubleshooting Failed Discoveries The most common reason for a failed discovery is incorrect security parameters. Verify that the SNMP read community name matches the device you are trying to discover. In SNMPv3, all parameters must match the settings on the device. The Authentication Passphrase and Privacy Passphrase can be set to None on the device, supported in Gateway version 1.15 and newer. Be sure to verify there is no specific NMS IP address associated with the security profiles or community names. An incorrect IP or any type of Network Address Translation could cause this feature to block SNMP traffic. Device logs may indicate if a system tried to access the device with incorrect security parameters, including the IP address of the system that attempted this action. Make sure the port used during the discovery matches the port configured on the device. discovery will probably fail. The default port is 161. Device configuration may vary. If all your security and port configurations match, and you have ruled out ports, profiles, and community names being the issue, try to simplify the settings. For example, if you are using a long, complex community name with special characters, try using something simple for testing purposes. For SNMPv3, try using a different set of security options. If SNMPv3 continues to fail, try testing with SNMPv1 first to rule out configuration issues.   If failure continues, check the network. A packet capture can be helpful in this case. You can use tools like WireShark to capture network traffic and help determine if the SNMP packets are actually getting to the device, and, if the device is responding properly.   A system running a packet capture near the computer running EcoStruxure IT Gateway will show if EcoStruxure IT is sending and receiving; a packet capture closer to the device you are trying to monitor will show if the network is allowing the SNMP packets from EcoStruxure IT to get to the device.   Keep in mind that utilities like ping will show if basic network traffic can get from one system to another, but do not rule out the possibility of networks blocking specific ports or protocols.    Troubleshooting lost communication after discovery If the IP address of an SNMP device has changed, the device will go into a lost communication state. When you rediscover a device using a different IP address, all historical data from the device will be lost. To maintain communication and keep historical data, do not change device IP addresses after discovery.   Changes in security settings also cause a device to lose communication. If the community names have been changed on the device after it was discovered, the systems will fail to communicate. You must rediscover the device using the correct community name. All historical data from the device will be lost. To maintain communication and keep historical data, do not change community names after discovery.   Lost communications issues can also be caused by a change in the network configuration. Firewalls can sometimes be reconfigured without notice to block ports or traffic from specific IP addresses. A packet capture can come in handy here.    Intermittent lost communications issues Intermittent communication issues can usually be attributed to traffic issues, either network related or on the device itself. If there is too much network traffic, or too many systems are trying to poll a single device at the same time, the UDP packets used by SNMP may not be able to get through to the device or be answered by the device. You can increase timeouts and retries in the gateway's Device Polling menu option under SNMP to allow the system to regain communication caused by such traffic.   If it is available on the device, you can also specify an NMS IP. address. Setting a specific IP address or address range will stop other systems from being able to poll the device in question. This may or may not be a permanent fix, but can be useful for testing.

An error occurs because the Gateway server does not trust the certificate for EcoStruxure IT.   mceclip0_360012170853.png   Cause   For security reasons, the EcoStruxure Gateway validates that the certificate used to secure communication between EcoStruxure IT and the Gateway was issued by a well known trusted certificate authority.   An error occurs when you use a TLS/SSL interception proxy, which is indistinguishable to the Gateway from a man-in-the-middle attack.   If your organization uses a TLS/SSL interception proxy to inspect the encrypted network communications between the Gateway and EcoStruxure IT, the Gateway must be configured to trust the certificate authority that the TLS/SSL interception proxy uses to issue certificates.   SECURITY WARNING: Only install CA certificates that you and your organization trust. Never install certificates that were obtained from an untrusted source.   Solution    Obtain the correct certificate, and add it to the EcoStruxure Gateway trust store.   You can either obtain the correct certificate directly from your organization's IT department or from a trusted system that has the correct certificate already installed. Note: The web browser on the system the Gateway software was installed on may already have the certificate installed. See How to locate a certificate used by the web browser.   How to locate a certificate used by the web browser   From the Gateway server, try to reach the EcoStruxure IT registration endpoint. Go to https://us.ecostruxureit.com/ingester/v2/test/registration  IMPORTANT: If the URL returns a connection error, stop here. Contact your IT department to get the root certificate your proxy is using. You can then resume and import that certificate. If this test URL returns {"status":"UNREGISTERED"} your browser can successfully reach the endpoint.   Click the lock in the address bar of the browser and view the certificate used by us.struxureon.com. Note the certification path. GW_cert_1_360012170853.png GW_cert_2_360012170853.png   In the Windows Control Panel, go to Internet Options > Content > Certificates.  GW_cert_3_360012170853.png   Click Trusted Root Certification Authorities. Select the certificate used by us.struxureon.com.   GW_cert_4_360012170853.png   Click Export.   Select the Base-64 encoded X.509 (.CER) option in the export. GW_base64_360012170853.png   Name the certificate the name shown in the Issued By column.   Add certificate to EcoStruxure Gateway trust store   Log in to the Gateway user interface and go to Cloud Connectivity > Add root certificate. GW18_untrusted_cert_1_360012170853.jpg Click Import certificate… and then choose the certificate you exported.  GW18_untrusted_cert_2_360012170853.jpg Click Add certificate. Note: To view or remove certificates in the Gateway, go to Settings > Trust Store. Important: You should manually restart the Gateway service after adding or removing certificates.

If the computer where EcoStruxure IT Gateway is installed uses a proxy server to connect to the internet, you must configure proxy settings in the Cloud connectivity >  Proxy Settings option in the Gateway user interface. Use the option to Automatically detect proxy settings first. If detection is successful, the window will close and you can proceed to register with EcoStruxure IT.  If detection fails, you can verify the proxy settings in a browser. Verify the gateway’s connection to the EcoStruxure IT server Open a browser and type the URL for the EcoStruxure IT registration endpoint. https://us.struxureon.com/ingester/v1/adssd/registration If the connection to the server is unsuccessful, a ‘no internet connection’ error is displayed. If the connection to the server is successful, the page displays status, supported country, and link information if any. {"status":"UNREGISTERED","supportedCountry":true,"link":{"url":null,"text":null}} Go to the proxy settings for the browser If there is an IP address listed in the browser, use that address in the gateway’s proxy settings. If there is a URL for a pac file listed in the browser, you can find the proxy settings by looking at the information in the file. Type the URL into a browser to download and view the pac file. In the pac file, there are rules and IP addresses for various proxy servers. Find the proxy IP address that fits your EcoStruxure IT Gateway’s parameters, including one or more of the following: HTTP/HTTPS protocol IP subnet Geographic location   The complexity of the pac file can vary. An example section from a pac file might look like this: /*--------------------FTP PROXY--------------------*/                if ( url.substring(0,4) == "ftp:" )                return "PROXY 10.12.123.223:80; PROXY 20.12.123.223:80; DIRECT"; /*--------------------HTTPS PROXY--------------------*/                if ( url.substring(0,6) == "https:" )                return "PROXY 2.5.84.23:443; PROXY 1.168.1.131:443; DIRECT"; /*--------------------DEFAULT PROXY--------------------*/                return "PROXY 9.5.4.3:80; PROXY 1.168.51.131:80; DIRECT"; In this case, the gateway communicates using HTTPS, so you would choose one of the HTTPS PROXY IP addresses and enter it in the gateway’s proxy settings.   In some cases, the pac file might look like this: /*---HTTPS PROXY---*/                if (url.substring(0,6) == "https:")                return return_httpsProxy;   The “return_httpsProxy” is a variable or “var”, usually set near the beginning of the document:                var return_Proxy = "PROXY 165.225.38.37:10912; PROXY 104.129.194.40:10912; PROXY 165.225.38.37:80; PROXY 104.129.194.40:80; DIRECT";                var return_httpsProxy = "PROXY 165.225.38.37:10912; PROXY 104.129.194.40:10912; PROXY 165.225.38.37:443; PROXY 104.129.194.40:443; DIRECT";                var return_SpecifProxy = "PROXY 165.225.38.37:10912; PROXY 104.129.194.40:10912; PROXY 165.225.38.37:80; PROXY 104.129.194.40:80; DIRECT";

Contact support for information about Gateway versions older than 1.16. Note: An imported SSL certificate signed by a trusted certificate authority or a CA certificate imported to the keystore will not persist through an EcoStruxure IT Gateway update. You must import the certificate again after you update your Gateway software. Windows These command examples are formatted for use in the Windows command prompt. Using PowerShell requires using single quotes instead of the double quotes displayed below. EcoStruxure IT Gateway stores the user interface SSL certificates in two Java keystore files in the C:\Program Files\EcoStruxureITGateway\<current Gateway install version>\gateway\conf\keystore\ directory: dcos.keystore (PrivateKeyEntry) dcos.truststore (trustedCertEntry) Verify the contents of the Java keystores Open C:\Program Files\EcoStruxureITGateway\<current Gateway install version>\gateway\conf\application-installer.yaml  In the server: > ssl: section, find the line key-store-password and remember the password for the keystores. Open a command prompt window and change the directory to C:\Program Files\EcoStruxureITGateway\<current Gateway install version>\gateway\conf\keystore Type the command  "C:\Program Files\EcoStruxureITGateway\<current Gateway install version>\jre\bin\keytool.exe” -list -v -keystore dcos.keystore Enter the password you remembered in step 2. Verify the keystore contents are displayed without error. Type the command  "C:\Program Files\EcoStruxureITGateway\<current Gateway install version>\jre\bin\keytool.exe" -list -v -keystore dcos.truststore Enter the password you remember from step 2 when prompted. Verify the keystore contents are displayed without error.  Create a new keystore for the trusted SSL certificate Stop the EcoStruxureITGateway-x.x.x.x service. Delete the existing keystore file, C:\Program Files\EcoStruxureITGateway\<current Gateway install version>\gateway\conf\keystore\dcos.keystore. Open a command prompt and change the directory to C:\Program Files\EcoStruxureITGateway\<current Gateway install version>\gateway\conf\keystore Type the command "C:\Program Files\EcoStruxureITGateway\<current Gateway install version>\jre\bin\keytool.exe" -genkey -alias dcos -keyalg RSA -keystore dcos.keystore -keysize 2048 The other values might need to match the values present on the CA. Some values are required by the CA, and others might be optional. This depends on the CA configuration. Use the .csr file to create a new certificate signed by the Trusted CA. This could be a CA run by your company, or it might need to be sent to a third-party Certificate Authority. Use the same password you remembered in step 2 of the ‘Verify the contents of the Java keystores” section. Verify that the file dcos.keystore now exists in the keystore folder. Start the EcoStruxureITGateway-x.x.x.x service.  Create a certificate signing request and a new SSL certificate signed by a trusted CA Type the command:   "C:\Program Files\EcoStruxureITGateway\<current Gateway install version>\jre\bin\keytool.exe" -certreq -alias dcos -keystore dcos.keystore -file newSxOnGW.csr Enter the required values when prompted. The first value must match the hostname or FQDN (Fully Qualified Domain Name) of the server where EcoStruxure IT Gateway is installed. Import the Root CA and Web Server SSL certificates to the EcoStruxure IT Gateway keystore Copy rootca.crt and newSxOnGW.crt to the machine where EcoStruxure IT Gateway is installed. Stop the EcoStruxureITGateway-x.x.x.x service. Open a command prompt and change the directory to C:\Program Files\EcoStruxureITGateway\<current Gateway install version>\gateway\conf\keystore Import the root CA certificate. Type the command   “C:\Program Files\EcoStruxureITGateway\<current Gateway install version>\jre\bin\keytool.exe" -importCert -trustcacerts -alias root -file rootca.crt -keystore root.truststore Import the Web Server SSL certificate. Type the command "C:\Program Files\EcoStruxureITGateway\<current Gateway install version>\jre\bin\keytool.exe" -importCert -trustcacerts -alias dcos -file newSxOnGW.crt -keystore dcos.keystore Make sure the root CA certificate is imported to the internet browser on all the computers that will be used to access the Gateway user interface. Start the EcoStruxureITGateway-x.x.x.x service. EcoStruxure IT Gateway will now use the new signed certificate, and no SSL Certificate security warning will be displayed by the browser when the Gateway user interface is launched. C:\Program Files\EcoStruxureITGateway\<version>\gateway\conf\keystore\dcos.keystore (PrivateKeyEntry) C:\Program Files\EcoStruxureITGateway\<version>\gateway\conf\keystore\dcos.truststore (trustedCertEntry) Linux EcoStruxure IT Gateway stores the user interface SSL certificates in two Java keystore files in the /opt/EcoStruxureITGateway/<current Gateway install version>/gateway/conf/keystore directory: dcos.keystore (PrivateKeyEntry) dcos.truststore (trustedCertEntry) Verify the contents of the Java keystores Open /opt/EcoStruxureITGateway</current Gateway install version>/gateway/conf/application-installer.yaml  In the server: > ssl: section, find the line key-store-password and remember the password for the keystores. Open a command prompt window and change the directory to /opt/EcoStruxureITGateway/<current Gateway install version>/gateway/conf/keystore Type the command  '/opt/EcoStruxureITGateway/<current Gateway install version>/jre/bin/keytool.exe' -list -v -keystore dcos.keystore Enter the password you remembered in step 2. Verify the keystore contents are displayed without error. Type the command  'opt/EcoStruxureITGateway/<current Gateway install version>/jre/bin/keytool' -list -v -keystore dcos.truststore Enter the password you remember from step 2 when prompted. Verify the keystore contents are displayed without error.  Create a new keystore for the trusted SSL certificate Stop the EcoStruxureITGateway-x.x.x.x service. Delete the existing keystore file, /opt/EcoStruxureITGateway/<current Gateway install version>/gateway/conf/keystore/dcos.keystore. Open a command prompt and change the directory to /opt/EcoStruxureITGateway/<current Gateway install version>/gateway/conf/keystore Type the command '/opt/EcoStruxureITGateway/<current Gateway install version>/jre/bin/keytool' -genkey -alias dcos -keyalg RSA -keystore dcos.keystore -keysize 2048 The other values might need to match the values present on the CA. Some values are required by the CA, and others might be optional. This depends on the CA configuration. Use the .csr file to create a new certificate signed by the Trusted CA. This could be a CA run by your company, or it might need to be sent to a third-party Certificate Authority. Use the same password you remembered in step 2 of the ‘Verify the contents of the Java keystores” section. Verify that the file dcos.keystore now exists in the keystore folder. Start the EcoStruxureITGateway-x.x.x.x service.  Create a certificate signing request and a new SSL certificate signed by a trusted CA Type the command:   '/opt/EcoStruxureITGateway/<current Gateway install version>/jre/bin/keytool' -certreq -alias dcos -keystore dcos.keystore -file newSxOnGW.csr Enter the required values when prompted. The first value must match the hostname or FQDN (Fully Qualified Domain Name) of the server where EcoStruxure IT Gateway is installed. Import the Root CA and Web Server SSL certificates to the EcoStruxure IT Gateway keystore Copy rootca.crt and newSxOnGW.crt to the machine where EcoStruxure IT Gateway is installed. Stop the EcoStruxureITGateway-x.x.x.x service. Open a command prompt and change the directory to /opt/EcoStruxureITGateway/<current Gateway install version>/gateway/conf/keystore Import the root CA certificate. Type the command   '/opt/EcoStruxureITGateway/<current Gateway install version>/jre/bin/keytool' -importCert -trustcacerts -alias root -file rootca.crt -keystore root.truststore Import the Web Server SSL certificate. Type the command '/opt/EcoStruxureITGateway/<current Gateway install version>/jre/bin/keytool' -importCert -trustcacerts -alias dcos -file newSxOnGW.crt -keystore dcos.keystore Make sure the root CA certificate is imported to the internet browser on all the computers that will be used to access the Gateway user interface. Start the EcoStruxureITGateway-x.x.x.x service. EcoStruxure IT Gateway will now use the new signed certificate, and no SSL Certificate security warning will be displayed by the browser when the Gateway user interface is launched. /opt/EcoStruxureITGateway/<version>/gateway/conf/keystore/dcos.keystore (PrivateKeyEntry) /opt/EcoStruxureITGateway/<version>\gateway/conf/keystore/dcos.truststore (trustedCertEntry)

If you need to replace a device that is monitored by the Gateway (RMA, for example), and you want to use the same IP address and credentials, you must log in to the Gateway and do the following:   Delete the existing device. See how Run a discovery for the new device.  Wait about 10 minutes for the device to start reporting data.  Change the location of the device if necessary.   NOTE: The Gateway does not retain the sensor history for the device you replace.   It is important to delete the existing device first before you discover the new device because:   The Gateway may show the existing device as online even though it is no longer accessible because the new device will respond at that IP address. The Gateway will show two devices at the same IP address, but only the new device updates sensor values. When the next Gateway update is performed, the new device may be discovered automatically, and then the old device will show that it is offline.

Reconnect a Gateway to EcoStruxure IT Log in to the Gateway you want to reconnect to EcoStruxure IT. Click EcoStruxure IT, and then click Register. GW_register_with_EcoStruxure_IT_360012117154.png Log in to https://app.ecostruxureit.com/manage. Your registration code will be automatically entered. ITE_connect_Gateway_360012117154.png Specify a name for the Gateway and click Connect. Disconnect a Gateway from EcoStruxure IT Go to https://app.ecostruxureit.com/manage and log in to EcoStruxure IT. Click Administration > Gateways and click the Gateway you want to disconnect. GW_disconnect_GW_in_ITE_1_360012117154.JPG Click Disconnect, and confirm.  GW_disconnect_GW_in_ITE_2_360012117154.JPG 

If you have created a device support ticket and have been asked to enable targeted reads for a device, you set the permission to do so in the Gateway server's web user interface in the Settings > Advanced > Targeted reads option.   To create a Device Support ticket to allow EcoStruxure IT Gateway to discover an unsupported device:   If unsupported devices are listed on the Device discovery page in the Gateway user interface, click View details. Click Need device support? Submit a DDF Request to request support for a device you are unable to discover. To set the permission to perform a targeted read, check the appropriate box based on how you are trying to discover the device:   In the Gateway user interface, go to Settings > Advanced > Targeted reads. If you are trying to discover a serial Modbus device, check the first box, Allow Schneider Electric to perform targeted reads on devices serially connected to your EcoStruxure IT Gateway. If you are trying to discover a Modbus TCP device, check the second box, Allow Schneider Electric to perform targeted reads on the following IP addresses or IP address ranges. List the IP addresses individually or specify a range.   When you confirm with device support that you have given your permission for a targeted read in the Device Support option in the Gateway, be sure to provide the following information for the devices you are trying to discover:   For a Modbus TCP device IP address Port number Server address For a Modbus serial device Communication port Server address Baud Rate Data Bits Parity Stop Bits Flow Control

A technical support representative might ask you to gather logs for troubleshooting.   Gateway Logs   Log into the Gateway user interface. Go to Settings > Advanced > Download server logs and click Download to download a zip file of the logs. If Gateway services are down, please provide the logs from the following folder locations: C:\Program Files\EcoStruxureITGateway\<version>\log C:\Program Files\EcoStruxureITGateway\<version>\pgsql\data\pg_log   Installation Logs   Gather these logs for installation or software update issues:   Gateway 1.10 and newer installbuilder_installer_*.log install_helper_*.log Older Gateway versions EcoStruxure* bitrock*   Windows    If you downloaded and installed the Gateway software, gather logs from:   C:\Users\<username>\AppData\Local\Temp C:\Users\<username>\AppData\Local\Temp\<number folder>   If you updated the Gateway software from the IT Expert web application, or the update was automatically run by Schneider Electric, gather logs from:   C:\Windows\Temp C:\Windows\Temp\<number folder>   Linux   Gather logs from:   /tmp/   Service Settings   There are several setting that can affect running and/or upgrading the Gateway service, only gather these if requested by customer support.   Windows   Gather the Gateway settings from the Registry.   Run regedit.exe Navigate to HKEY_LOCAL_MACHINE>SOFTWARE>JavaSoft>Prefs>com>se Right click the se folder and select Export. Navigate to HKEY_LOCAL_MACHINE>SOFTWARE>Schneider Electric. Right click the se folder and select Export. Send these two files to Customer Support  

EcoStruxure IT Gateway restore fails when the locale of the Windows computer where the Gateway is installed is set to Italian, Portuguese, or Spanish. Set the operating system locale to English to perform the restore.  

When the Gateway is unable to keep up with the polling interval for a device, a Device Communication Alert warning alarm is generated. The alarm message is <device name> is responding slowly to polling. The Device Communication Alert alarm is generated after five consecutive polls exceed the polling interval. The alarm clears after five consecutive polls complete within the polling interval. You can do one or more of the following: Reduce the number of devices the Gateway is polling at 1 minute (Gateway 1.13 and newer). Reduce the number of devices the Gateway is polling. Add more CPU and memory to the Gateway. Investigate network latency issues, or put the Gateway on the same local area network (LAN) as the device.  

  Some Galaxy UPSs report serial numbers that are not unique, such as XXXXXXXXXX or 0123456789. These serial numbers are unsupported in EcoStruxure IT Gateway version 1.9.0 and newer. If you discovered a Galaxy device that reports these generic serial numbers, the Galaxy device will show as offline after the Gateway is updated to version 1.9.0 or newer, and a new Galaxy device will be added with a unique identifier. You can delete the offline Galaxy devices from the device list.

The EcoStruxure IT Gateway must uniquely identify devices to support data analytics and sensor history. The Gateway attempts to use the device's serial number as the unique identifier whenever possible, since IP addresses change, devices are removed and re-added to a network, or a device is connected to different Gateways.  In some cases, the device serial number must be set manually. Device serial number is missing or invalid In most cases, if the serial number is missing or empty, or it matches a list of invalid values like1234567890 or N/A, the Gateway attempts to use the MAC address for SNMP or the IP Address + server ID + port for Modbus. This not perfect for this situation, but it is the best alternative. If the Gateway fails to find a unique identifier, the device discover fails and is reported the Gateway's discovery log. Devices have the same unique identifier If two devices have the same unique identifier, usually one device will be discovered, and then when the second is discovered, the first will be removed and replaced by the second since it appears to be the same device. In some cases, depending on the timing, both devices could be discovered, and then will lose connectivity when the Gateway is updated to the next version.  Manually set the serial number on a device You might need to set the serial number on a device if a unique identifier cannot be not found. Consult the documentation or the device's manufacturer for how to do this if necessary. If you can update the serial number manually, it's most likely done through the device's own user interface. It might also be possible to set it using SNMP or Modbus. Contact customer support if you need assistance. You may need to supply the SNMP MIB or Modbus map to determine the address of the serial number.    

  When you replace a device and reuse the IP address and device configuration credentials from the old device, the new device will show as offline in the Gateway. Delete the offline device from the Gateway device list, and then manually rediscover the new device. How to replace a device in EcoStruxure IT Gateway

New versions of the APC Network Management Card (NMC) firmware have the SNMP protocol disabled by default.  You cannot discover devices with this new NMC firmware in EcoStruxure IT Expert or Data Center Expert until SNMP is enabled.  Connect to the device using HTTPS or SSH. Enable SNMPv1 or SNMPv3 on the device. Run the device discovery in the Gateway or DCE. Note: The SNMP settings on previously discovered devices are not affected by a firmware update to a version that contains these security updates. Read more about these security updates to APC devices.