Use the netsh trace command to capture communication activities between the user terminal and the NES server, while performing the action that fails.
For example, to troubleshoot the issue where a user terminal cannot retrieve NEA certificates from NES, perform the following steps:
- On the NES server, open up a command prompt as administrator, and then type:
netsh trace start capture=yes tracefile=.\capture_server.etl scenario=internetserver
- On the user terminal, open up a command prompt as administrator, and then type:
netsh trace start capture=yes tracefile=.\capture_client.etl scenario=internetclient
- Delete all the files in the C:\Windows\System32\config\systemprofile\AppData\Roaming\Nymi\NSL\<randomstring>\ksp directory
- Perform the action to trigger the certificate retrieval. For example:
  - If a user terminal with EAM client cannot retrieve certificates, restart the EAM Security Services service.
  - If the enrollment terminal cannot retrieve the certificates, log into the Nymi Band Application.
- Wait about a minute and then from the command prompt on both the user terminal and the NES server, type:
netsh trace stop
The netsh command records the trace output in the file that you specified with the tracefile option, in the current directory.
- Optional: to convert the output file to a text file, type the following command:
netsh trace convert input=filename.etl
The command creates a text file with the same name as the .etl file in the current directory.
- For ease of analysis, retrieve the .etl file from the machine and use the etl2pcapng tool (https://github.com/microsoft/etl2pcapng/) to convert the file into a .pcapng file.
- Use an application such as Wireshark to analyze the output to determine the communication path between components.
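
To get a quick list of the TCP flows in the converted .pcapng file before opening it in Wireshark, a short parser can be run over the file. The following is an added example, not part of the Nymi documentation or the etl2pcapng project. It assumes a little-endian pcapng with Ethernet framing and reports IPv4/TCP only; the sample capture, addresses, and port 443 are constructed for illustration.

```python
from socket import inet_aton, inet_ntoa
import struct
from collections import Counter

def parse_ipv4_tcp(frame: bytes):
    """Return (src, sport, dst, dport) for an Ethernet/IPv4/TCP frame, else None."""
    if len(frame) < 34 or frame[12:14] != b"\x08\x00" or frame[23] != 6:
        return None
    ihl = (frame[14] & 0x0F) * 4  # IPv4 header length in bytes
    if ihl < 20 or len(frame) < 14 + ihl + 4:
        return None
    sport, dport = struct.unpack_from("!HH", frame, 14 + ihl)
    return (inet_ntoa(frame[26:30]), sport, inet_ntoa(frame[30:34]), dport)

def tcp_conversations(pcapng: bytes) -> Counter:
    """Count TCP packets per directed flow in a little-endian pcapng capture."""
    flows, off = Counter(), 0
    while off + 12 <= len(pcapng):
        btype, blen = struct.unpack_from("<II", pcapng, off)
        if blen < 12 or off + blen > len(pcapng):
            break  # truncated or corrupt block: stop rather than guess
        body = pcapng[off + 8 : off + blen - 4]
        off += blen
        if btype != 6 or len(body) < 20:  # 6 = Enhanced Packet Block
            continue
        caplen = struct.unpack_from("<I", body, 12)[0]
        if flow := parse_ipv4_tcp(body[20 : 20 + caplen]):
            flows[flow] += 1
    return flows

# --- constructed sample capture (addresses and port 443 are made up) ---
def _block(btype: int, body: bytes) -> bytes:
    body += b"\0" * (-len(body) % 4)  # pcapng pads block bodies to 32 bits
    total = len(body) + 12
    return struct.pack("<II", btype, total) + body + struct.pack("<I", total)

def _packet(src: str, sport: int, dst: str, dport: int) -> bytes:
    ip = bytes([0x45, 0, 0, 40, 0, 0, 0, 0, 64, 6, 0, 0]) + inet_aton(src) + inet_aton(dst)
    tcp = struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 0x50, 0x02, 1024, 0, 0)
    frame = b"\0" * 12 + b"\x08\x00" + ip + tcp
    return _block(6, struct.pack("<IIIII", 0, 0, 0, len(frame), len(frame)) + frame)

SAMPLE = (_block(0x0A0D0D0A, struct.pack("<IHHq", 0x1A2B3C4D, 1, 0, -1))  # section header
          + _block(1, struct.pack("<HHI", 1, 0, 65535))  # interface, Ethernet
          + _packet("192.0.2.20", 50000, "192.0.2.5", 443) * 2  # terminal -> server
          + _packet("192.0.2.5", 443, "192.0.2.20", 50000))  # server -> terminal

if __name__ == "__main__":
    for (src, sport, dst, dport), n in tcp_conversations(SAMPLE).most_common():
        print(f"{src}:{sport} -> {dst}:{dport}  packets={n}")
```

To run it against a real capture, pass the bytes of the converted file to tcp_conversations() in place of SAMPLE. A flow from the user terminal with no matching reply flow from the NES server indicates where the communication path breaks.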