Articles in this section

JetProxy Optimization & Troubleshooting Guide

Ensure your JetProxy installation is optimized before troubleshooting issues. If you haven't optimized your installation yet, please complete the JetProxy Optimization Steps.

Optimization Verification Checklist

Confirm the following optimizations have been correctly applied:

Verification Step Command Expected Result
SELinux Network Access 
getsebool httpd_can_network_connect
 on
File Descriptor Limit 
sysctl fs.file-max
 70000 or higher
NGINX Soft Limit 
su -s /bin/bash -c 'ulimit -Sn' nginx
 10000
NGINX Hard Limit 
su -s /bin/bash -c 'ulimit -Hn' nginx
 30000
NGINX Worker Limit 
grep worker_rlimit_nofile /etc/nginx/nginx.conf
 30000
NGINX Payload Limit 
grep client_max_body_size /etc/nginx/nginx.conf
 100M or desired limit

If all checks pass, proceed to troubleshooting. Resolve any discrepancies first by revisiting the optimization guide.

Validate Nginx Configuration

Check for syntax errors:

sudo nginx -t

Expected output:

syntax is ok
test is successful

Correct any reported issues and reload Nginx:

sudo systemctl restart nginx

502 Bad Gateway

  • Possible Causes:

    • Backend server unavailable or misconfigured.

    • SSL handshake failure.

  • Resolution Steps:

    1. Review Nginx error logs:

sudo tail -30 /var/log/nginx/error.log

  1. Replace invalid SSL certificates/keys. Update paths in Nginx configs.

  2. Check backend server availability:

curl -v http://<upstream-server>

  1. Restart Nginx:

sudo systemctl restart nginx

504 Gateway Timeout

  • Possible Causes:

    • Slow or unresponsive backend server.

    • Insufficient timeout settings in Nginx.

    • Firewall blocking backend traffic.

  • Resolution Steps:

    1. Confirm backend server is responsive:

curl -v http://<upstream-server>

  1. Adjust Nginx timeout settings (/etc/nginx/conf.d/timeout.conf):

proxy_connect_timeout 600;
proxy_send_timeout 600;
proxy_read_timeout 600;
send_timeout 600;

  1. Verify firewall rules:

sudo firewall-cmd --list-all

  1. Reload Nginx:

sudo systemctl restart nginx

SELinux Blocking Connections

  • Symptoms:

    • Connection timeouts in Nginx logs.

    • Denials in SELinux audit logs.

  • Resolution Steps:

    1. Identify SELinux denials:

sudo ausearch -m avc | grep nginx

  1. Enable SELinux network access (reapply if needed):

sudo setsebool -P httpd_can_network_connect 1

  1. If issues persist, switch SELinux to minimal mode: - Edit /etc/selinux/config, set:

SELINUXTYPE=minimum
- Reboot the system:
sudo reboot

Proxy or Redirect Not Accessible

  • Resolution Steps:

    1. Test proxy access internally via browser:

https://<proxy_internal_IP>

  1. Ensure ports HTTP (80), HTTPS (443), WSUS (8530/8531) are open:

sudo firewall-cmd --list-all

  1. Validate proxy configurations in /etc/nginx/conf.d/.

Proxy Script Issues

  • Resolution Steps:

    1. Re-run the proxy script:

sudo ./proxy_script.sh

  1. Check logs to identify and resolve errors.

 

Related articles

Comments

0 comments

Article is closed for comments.