KB Article | Forcepoint Support

Notes & Warnings

  • If you receive a blank page when logging in, add the login URL to the trusted sites section within the browser.
  • If using Network Account and the user been moved to a different Group, we need to re-add the User. The Group Change is not auto updated.
  • For error: Make sure that the Websense Policy Broker service is running and that the Websense Manager machine can communicate with the Policy Broker machine, see Policy Broker causes error: Web Security could not be launched

Problem Description

Why does the Forcepoint Security Manager (formerly TRITON Manager) display a 503 error when attempting to access it?
 
Service Temporarily Unavailable
Logon failed. Invalid user name or password.
There is no Policy Server running at this IP address.
Unable to resolve the Policy Server host name.
User Service is not running.
The role you requested is in use [...].
The role you requested has been deleted [...]
 
Or, when trying to access the TRITON manager, the browser always shows an HTTP 503 error:
 
Service is temporarily unavailable
 

Resolution

Check manager service hotfix level

Missing .p12 file 

  1. Ensure Apache services are started.
  2. Verify the AJP port is correct. The default port number is 8009.
  3. Check the tomcat.log for errors:
    • ERROR org.apache.catalina.startup.Catalina - Catalina.start:
      LifecycleException: service.getName(): "Catalina"; Protocol handler start failed: java.io.FileNotFoundException: C:\Program Files\Websense\tomcat\conf\keystore\tomcat\manager.p12 (The system cannot find the file specified)
  4. Check the manager.p12 file is still located in the Websense\Web Security\tomcat\conf\keystore\tomcat\ directory. Ensure that the filename is correct.
  5. If the file shows as <hostname> manager.p12, then backup the file and rename it to manager.p12.
  6. Restart the Apache services.
     

The Logon page is not displayed

If you enter the Forcepoint Security Manager URL or click the Forcepoint Security Manager shortcut and a Service Temporarily Unavailable message is displayed instead of the logon page, port 9009, required by the ApacheTomcatWebsense service, may be reserved by another application on the Forcepoint Security Manager machine. To resolve this issue:

  1. Identify the application using port 9009, and either configure it to use another port or move it to another machine.
  2. Stop the ApacheTomcatWebsense service (For 7.6+, Websense Web Reporting Tools service).
  3. Navigate to the Websense bin directory (by default, C:\Program Files\Websense\Web Security\bin), and then open the knownports.properties file in a text editor.
  4. Edit the TOMCAT_AJP_PORT setting to read TOMCAT_AJP_PORT=9009. If the setting is not present, add to the end of the list.
  5. Save and close the file.
  6. Start the ApacheTomcatWebsense service (For 7.6+, Websense Web Reporting Tools service).

If you were logged into Forcepoint Security Manager and either closed the browser (without logging off) or the browser close unexpectedly, you may not be able to immediately re-login. However, after 2 minutes, Forcepoint should detect that the session is no longer valid and allow you to log on again. Otherwise, 
 
If you receive a component (Policy Broker, Policy Server, or User Service) error message, verify that communication between machines is not obstructed and that all Websense services are running (see Stopping and starting Forcepoint services on Windows and Appliances).
 
If you cannot login with Delegated Administration account for a role that you want to manage, make sure that no other administrators are logged on to that role with policy access.

  • Only one administrator at a time can access policy information for each role.
  • If you have reporting permissions, you can log on to the role with reporting access only while another administrator is logged on with policy access.
  • Multiple administrators can be logged on to the same role simultaneously with reporting access only.

The Login succeeds but a policy database connection error is received

See  Policy Broker causes error: Web Security could not be launched.

Article Feedback



Thank you for the feedback and comments.