Articles in this section

See more

Umbrella Diagnostic Tool

Avatar
Matt Prytuluk
  • Updated
Follow

Umbrella Diagnostic Tool: What to Provide Support When Asked

 

Support will often ask for the results of our diagnostic tool, especially when troubleshooting difficult issues. The steps to using the tool are straightforward, but it's very important to send the link that's generated by the tool, rather than a screenshot of the information or having the information pasted. 

The tool can be found here:

Microsoft Windows : http://www.opendns.com/download/windows/diagnostic

Mac OS X : http://www.opendns.com/download/mac/diagnostic

Linux: No tool, see Terminal instructions here

Running the Cisco AnyConnect Umbrella Roaming Module? This is a different diagnostic test! To run, follow these instructions:

Windows: Run the diagnostic executable from: C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\UmbrellaDiagnostic.exe

Mac OS X: Not currently available for manual run. Send the log files from "/opt/cisco/anyconnect/umbrella/data/beacon-logs/". Then "/opt/cisco/anyconnect/umbrella/data/acumbrellalog.log".

The following section include instructions for use of the Diagnostic Tool on all three operating system types.

 

Microsoft Windows

 

When you first run the tool, you'll be asked for account information, ticket information and a domain to test with. This information is all optional, but if there is a specific domain you are having trouble accessing, please include it the Domain to test field:

diag-windows.jpg

Click Run tests.  The tests should only take a few moments to complete and at the bottom of the diagnostic output there will be a link displayed.   This is the link you'll want to send to the Support team

diag-link.jpg

In the example above, Support would need the link "http://diagnostic.opendns.com/d/5407505022713856". Please do not send the exact link above; however, send the link that appears in your diagnostic result.

In order to protect your information and that of our other customers diagnostic information uploaded to Umbrella is only accessible to Cisco employees authenticated through our systems.  You won't be able to view the diagnostic results but the support team will be able to see them if you provide the URL of the results.

Only the link itself is needed, please click on the link then copy and paste the URL results into your ticket. In the worst case scenario, if you can't copy and paste the link, feel free to send us a screenshot of the link.

Do not log into the link as this is for Umbrella Support Staff to log in and access the results. You will not have access to this even with your Umbrella account. 

If the Diagnostic does not run, provide the results of the following command prompt commands:

  • tracert 208.67.222.222
  • tracert 208.67.220.220
  • tracert api.opendns.com.
  • tracert bpb.opendns.com.
  • tracert block.opendns.com.
  • tracert hit-adult.opendns.com.
  • nslookup -timeout=10 -type=txt debug.opendns.com. 208.67.222.222
  • nslookup -timeout=10 -type=txt -port=5353 debug.opendns.com. 208.67.222.222
  • nslookup -timeout=10 -type=txt -port=443 debug.opendns.com. 208.67.222.222
  • nslookup -timeout=10 -type=txt debug.opendns.com.
  • ipconfig /all

 

Apple Mac OS X

 

When you first run the tool, you'll be asked for account information, ticket information and a domain to test with. This information is all optional, but if there is a specific domain you are having trouble accessing, please include it the Domain to test field:

diag-osx.jpg

Click Run tests. The tests should only take a few moments to complete and at the bottom of the diagnostic output there will be a link displayed. This is the link you'll want to send to the Umbrella Support team.

mac-diagurl.jpg

In the example above, support would need the link "https://diagnostic.opendns.com/d/4703817580937216"

Please do not send the exact link above; however, send the link that appears in your diagnostic result.

In order to protect your information and that of our other customers diagnostic information uploaded to Umbrella is only accessible to Cisco employees authenticated through our systems. You won't be able to view the diagnostic results but the support team will be able to see them if you provide the URL of the results.

Only the link itself is needed, please click on the link then copy and paste the URL results into your ticket. In the worst case scenario, if you can't copy and paste the link, feel free to send us a screenshot of the link.

Do not log in o the link as this is for Umbrella staff to log in and access the results. You will not have access to this even with your Umbrella account. 

If you would like to run the test manually, please issue the following commands:

  • /usr/bin/dig +time=10 myip.opendns.com
  • /usr/sbin/traceroute -I -w 2 208.67.222.222
  • /usr/sbin/traceroute -I -w 2 208.67.220.220
  • /usr/sbin/traceroute -I -w 2 api.opendns.com
  • /usr/sbin/traceroute -I -w 2 bpb.opendns.com
  • /usr/sbin/traceroute -I -w 2 block.opendns.com
  • /usr/bin/dig @208.67.222.222 +time=10 debug.opendns.com txt
  • /usr/bin/dig @208.67.222.222 -p 5353 +time=10 debug.opendns.com txt
  • /usr/bin/dig +time=10 debug.opendns.com txt
  • /usr/bin/dig +time=10 whoami.akamai.net
  • /usr/bin/dig +time=10 whoami.ultradns.net
  • /usr/bin/dig @208.67.222.222 +time=10 myip.opendns.com
  • /usr/bin/dig @ns1-1.akamaitech.net +time=10 whoami.akamai.net
  • /usr/bin/dig @pdns1.ultradns.net +time=10 whoami.ultradns.net
  • /usr/bin/nslookup -timeout=10 -class=chaos -type=txt hostname.bind. 4.2.2.1
  • /usr/bin/nslookup -timeout=10 -class=chaos -type=txt hostname.bind. 192.33.4.12
  • /usr/bin/nslookup -timeout=10 -class=chaos -type=txt hostname.bind. 204.61.216.4
  • ping -n 5 www.opendns.com (www.opendns.com)
  • ping -n 5 rtr1.pao.opendns.com 
  • ping -n 5 rtr1.sea.opendns.com 
  • ping -n 5 rtr1.lax.opendns.com 
  • ping -n 5 rtr1.chi.opendns.com
  • ping -n 5 rtr1.nyc.opendns.com 
  • ping -n 5 rtr1.lon.opendns.com
  • ping -n 5 rtr1.mia.opendns.com 
  • ping -n 5 rtr1.sin.opendns.com 
  • ping -n 5 rtr1.fra.opendns.com 
  • ping -n 5 rtr1.hkg.opendns.com 
  • ping -n 5 rtr1.ams.opendns.com 
  • ping -n 5 rtr1.ber.opendns.com 
  • ping -n 5 rtr1.cdg.opendns.com 
  • ping -n 5 rtr1.cph.opendns.com 
  • ping -n 5 rtr1.dfw.opendns.com 
  • ping -n 5 rtr1.otp.opendns.com 
  • ping -n 5 rtr1.prg.opendns.com 
  • ping -n 5 rtr1.ash.opendns.com 
  • ping -n 5 rtr1.wrw.opendns.com 
  • ping -n 5 rtr1.syd.opendns.com 
  • ping -n 5 rtr1.jnb.opendns.com
  • ping -n 5 rtr1.yyz.opendns.com
  • ping -n 5 rtr1.yvr.opendns.com
  • ping -n 5 rtr1.nrt.opendns.com
  • /bin/ps wwaux
  • /sbin/ifconfig -a
  • /usr/sbin/scutil --dns
  • /usr/sbin/netstat -rn
  • /usr/bin/curl -Ls block.a.id.opendns.com/monitor.php
  • /usr/bin/curl -Ls -c /dev/null bpb.opendns.com/monitor/

 

Linux/Unix

 

To provide diagnostic information for a Linux/Unix machine, please run the following commands and provide the results in your reply to the support ticket:

nslookup -type=txt debug.opendns.com.
nslookup -type=txt debug.opendns.com. 208.67.222.222
nslookup -type=txt debug.opendns.com. 208.67.222.222 -port=443
nslookup -type=txt debug.opendns.com. 208.67.222.222 -port=5353
traceroute 208.67.222.222
traceroute api.opendns.com.
traceroute bpb.opendns.com.
ifconfig

If you are asked to test a specific domain:
nslookup domain.com
nslookup domain.com 208.67.222.222
nslookup domain.com 208.67.220.220
nslookup domain.com 4.2.2.1
traceroute domain.com

Below are two example screenshots of the results of these commands. Your results will look similar but may differ in content of the results:

Ubuntu_64-bit.png

Ubuntu_64-bit-1.png

Related articles

Comments

2 comments

Sort by Date Votes

Please sign in to leave a comment.