Troubleshooting Documentation

Are you experiencing slower speeds than expected after connecting to the Timus Network? 

Several factors can contribute to this, but don't worry! This guide will help you troubleshoot the issue and get your connection back up to speed.

Initial Steps:

1. Application Updates: Ensure you're using the latest version of the Timus Network client application. Outdated software can sometimes lead to performance issues. You can set automatic updates within the Timus Network client application by accessing your device settings within manage.timusnetworks.com.
2. Conflicting Software: Uninstall any other VPN or network software running in the background. Even unused software might consume resources and affect your bandwidth.

If your client is up-to-date and there are no other programs running that could impact your connectivity. Please check the following troubleshooting steps:

• Check Maximum Transmission Unit (MTU)
• Ping Test with Varying Packet Sizes
• Identify Network Issues (Traceroute & MTR)
• Check Endpoint Configuration
• Performance Testing (Optional)
• Quality of Service (QoS) and ISP Throttling
• Firewall and Security Software

1. Identify Current MTU Setting

macOS:

1. Open Terminal.
2. List network services:

   networksetup -listallnetworkservices
   

3. Check current MTU:

   networksetup -getMTU <network_service>
   

Windows:

1. Open Command Prompt.
2. Check current MTU:

   netsh interface ipv4 show interfaces
   

2. Ping with Specific Packet Sizes

macOS:

1. Open Terminal.
2. Ping with a specific packet size:

   ping -D -s 1472 <gateway_public_ip>
   

Windows:

1. Open Command Prompt.
2. Ping with a specific packet size:

   ping -f -l 1472 <gateway_public_ip>
   

3. Adjust Packet Size Incrementally:
   • Start with 1472 bytes.
   • Reduce the packet size by small increments if you encounter packet loss or errors.
   • Find the largest packet size that does not result in fragmentation or packet loss.

3. Use Traceroute and MTR

Traceroute:

macOS:

1. Open Terminal.
2. Install traceroute (if not already installed):

   brew install traceroute
   

3. Run traceroute:

   traceroute <gateway_public_ip>
   

Windows:

1. Open Command Prompt.
2. Run tracert:

   tracert <gateway_public_ip>
   

MTR:

macOS:

1. Open Terminal.
2. Install mtr (if not already installed):

   brew install mtr
   

3. Run mtr:

   mtr -rw <gateway_public_ip>
   

Windows:

1. Open Command Prompt.
2. Install WinMTR (if not already installed) from https://sourceforge.net/projects/winmtr/.
3. Run WinMTR and enter the gateway IP to start the test.

4. Check Endpoint Configuration

ipconfig /all

macOS:

1. Open Activity Monitor.
2. Monitor CPU and memory usage to ensure they are not maxed out during the VPN connection.
3. Check network interface for errors:

   ifconfig
   

Windows:

1. Open Task Manager.
2. Monitor CPU and memory usage to ensure they are not maxed out during the VPN connection.
3. Check network interface for errors:

   ipconfig /all
   

5. Performance Testing

macOS and Windows:

1. Download and install iPerf3 from https://iperf.fr/.
2. Run iPerf tests to measure raw throughput with and without VPN:

   iperf3 -c ash.speedtest.clouvider.net -p 5200-5209
   

6. Quality of Service (QoS) and ISP Throttling

macOS and Windows:

1. Check network QoS settings on your router or network management interface to ensure no QoS rules are throttling VPN traffic.
2. Confirm with the ISP that there is no throttling of VPN traffic.

7. Firewall and Security Software

macOS:

1. Open System Preferences.
2. Review firewall settings to ensure they are not limiting VPN throughput.
3. Check any installed security software for settings that might affect VPN performance.

Windows:

1. Open Control Panel.
2. Review Windows Defender Firewall settings to ensure they are not limiting VPN throughput.
3. Check any installed security software for settings that might affect VPN performance.

Additional Notes:

• If you're using macOS and don't have Homebrew installed, use the following command in Terminal: /bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)" to install it.  

If none of these steps resolve your bandwidth issue, please contact Timus Network support for further assistance at Support@timusnetworks.com 

What no gateways available mean and possible scenarios

This information message means that if the user is not allowed to connect to any gateway, a specific message will appear in the Timus Connect application.

The administrator must select the remote site for the user in the manager.

But there can be another root cause to show this error when;

• User might not access the Timus Cloud services or doesn’t have internet access.

To verify that, please run:

ping user.timuscloud.com
ping device.timuscloud.com

Also, try to go to user.timuscloud.com or device.timuscloud.com from the browser. If user can not reach connect application will not able to connect.

• timus-connect-background service is not running

  Go to Activity Monitor (Mac) or Task Manager (Windows) on your device and find timus-connect-service.

  Alternatively, you can go to http://localhost:49202 in your browser. If you see the output, it means the service is running.

  

  If you validate that the service is not running, please follow these steps:

  • [MacOS] Validate if service is running

    • Check if the plist file exists

      • Run the commands below to check if they exist:

        #for connect service
        cat /Library/LaunchDaemons/timus-connect-service.plist
        
        #for helper service
        cat /Library/LaunchDaemons/timus-helper-service.plist
        

      • After running the commands, if they exist, please run this command to load the service. After running, please check if the service has started.

        # Avoid if error occurs after running these commands. This is just a make sure none of instance exist on device
        sudo launchctl unload /Library/LaunchDaemons/timus*
        sudo launchctl load /Library/LaunchDaemons/timus*
        

  • [Windows] Validate if service is running

    Find services from search

    

    Make sure this 2 services are exist

    

    If they are not exist and running state try to install them manually see if any error occurs. For clean service install run these commands

    sc.exe stop timus-helper-service
    sc.exe stop timus-connect-service
    
    taskkill /F /IM "timus-connect-service.exe"
    taskkill /F /IM "timus-helper-service.exe"
    
    sc.exe delete timus-connect-service
    sc.exe delete timus-helper-service
    
    cd C:\\Program Files\\Timus Connect\\resources\\service
    
    timus-connect-service.exe -service install && timus-connect-service -service start
    timus-helper-service.exe -service install && timus-helper-service -service start
    

  After validation, if you see that the services are still not running and nothing works, try to start the service manually and check if any crashes occur.

  • [MacOS] Validate if service crash

    Run this command and see if service works

    #for connect service
    sudo /Applications/Timus\\ Connect.app/Contents/Resources/service/timus-connect-service
    
    #for helper service
    sudo /Applications/Timus\\ Connect.app/Contents/Resources/service/timus-helper-service
    

  • [Windows] Validate if service crash

    Run these commands

    cd C:\\Program Files\\Timus Connect\\resources\\service
    timus-connect-service.exe
    

  Let’s assume that a crash happened, which in most cases (99%) is a permission issue.

  At this point, it is better to perform a clean setup by removing all files we have and reinstalling Timus Connect. Please find the section with the clean setup steps for Timus Connect.

  Sometimes, SentinelOne, Bitdefender, or other security tools can prevent Timus Connect from working. We can confirm this by checking the task manager or asking the customer.

Timus Networks, a provider of network security solutions, includes SSL inspection capabilities in its Timus Manager to enhance security by decrypting and inspecting SSL/TLS traffic. This helps in detecting and blocking malicious content that might be hidden within encrypted traffic. However, in certain situations, bypassing SSL inspection for specific trusted websites or services may be necessary. This can be achieved by whitelisting these websites within the Timus Manager. Whitelisting allows specific domains to exclude the SSL inspection process, ensuring that the traffic to and from these sites remains encrypted and is not inspected.

 

How To Guide:

This guide aims to help you understand the benefits of bypass SSL inspection for specific domains in the Timus Manager by adding them to the whitelist.

 

Step 1: Log in to the Timus Manager Portal

 

Step 2: Navigate to the “Rules“on the Left-Pane

 

Step 3: Click on “Web Categories” in Drop Box Menu

Step 4: To Select The “ White List ”, Click On The “Ellipsis (...)” Icon Next To Its Name.

 

Step 5: Click “ Edit “ On The Drop Down Menu

 

Step 6: Click the “ Enter Domain “ Field And Type In The Desired Domain Name

 

Step 7: Click on “ Add “ Button

 

Step 8: Click “ Save “

 

Conclusion:

By following these steps, you successfully bypass the domains for SSL inspection. Whitelisting domains to bypass SSL inspection in the Timus Manager is necessary to maintain the integrity of certain encrypted traffic and ensure smooth operation for trusted websites and services. This approach provides security and functionality by allowing critical or trusted traffic to remain encrypted while continuing to inspect other traffic for potential threats.