Jose,

Is there a document or web page that describes running an ESA on a VM? I have read the 214616 several times, including the links in the document, but I cannot find anything about the VM. Also, how do I "reach out" to TAC? I found TAC but it looks like a video repository.

Thanks,

Jim

Hi Ken,

I have a new server running VMWare ESXi and loaded Cisco AsyncOS C100. Cisco TAC provided the license which I have installed on the new virtual ESA. I am now stuck on getting the Feature Keys changed from DORMANT to ACTIVE but I am unable to create a support ticket. TAC wants a support contract number and when I go to Cisco Sales, the Cisco Presales Specialist does not know what a Support Contract is. 

TAC does not recognize the serial number from the C170. Any suggestions on how I can get Cisco support? I need to (a) get the Feature Keys ACTIVE, (b) install the configuration file from the old C170 onto the new C100 virtual ESA and (c) sort out my serial number(s) or support contract number.

Thanks,

Jim

Hi Ken,

I don't want to overstay my welcome on this ticket, but it is the only place where someone is responding. I just need to get a ticket open on this new VM C100.  I downloaded the VLN license number via "showlicense" with the CLI but TAC does not recognize it even though TAC license support gave me the license file. 

I tried to install the C170 configuration file in the C100 GUI - System Configuration, Configuration File, Load Configuration - but I get this failure message: "Error — Configuration file was not loaded. ERROR: Element 'whitelist' not allowed here at Unknown:236:18 Text: access_control_config> <whitelist></whitelist> <blacklist></blacklis" I searched the Cisco bug database for awhile with no luck. 

I tried to activate the feature keys under System Administration, Feature Keys, Feature Key Activation, and I get "Error — Errors have occurred. Please see below for details. Feature key is malformed."  I tried several ways to write the feature key in the input box with no luck. Is there an instruction document for any of this?

Thanks,

Jim Capron

you don't need to do that...  what you're trying to do, is add keys, which would be the old school version.  

To add the licenses to the VM, you'd either ftp the file you got to the vm, and then run loadlicense in the cli to import it. 

or run loadlicense, and then paste the contents of the file in.

I suspect you already did that..

NOW, in the gui, go to the feature in question, enable it.  I'll use DLP because this one isn't enabled 

Go to Security Services/DLP, click Enable

Accept the license

All set!!!  Do that until all of them flip.  Then load the config. 

I was able to Activate 6 of the 8 feature keys by finding the associated Security Service. The two that have no associated Security Service that I can determine, are:

Incoming Mail Handling Dormant 675 days 08 Apr 2024 21:01 (GMT +00:00)
Bounce Verification Dormant 675 days 07 Apr 2024 23:59 (GMT +00:00)

Also, I tried installing the C170 configuration file again and got the same failure message:

Error — Configuration file was not loaded. ERROR: Element 'whitelist' not allowed here at Unknown:236:18 Text: access_control_config> <whitelist></whitelist> <blacklist></blacklis

Any suggestions would be appreciated.

Jim Capron

Ken,

Thanks for all your assistance. After about 6 hours with an XML editor and a lot of guessing, I was finally able to upload the modified C170 configuration file. The new C100 is up and humming along. Our mailboxes are a lot thinner under Async 14 and the now updated Sophos Anti-Virus database.

Thanks again,

Jim

PS: for anyone in this same predicament, I have a detailed file showing the errors and fixes to the ESA configuration file that I made to get it to work.

Hi Jim, I am having a lot of issues with the license XML file too, you mentione you have a file on how to get it to work? Can you share that information?

Thanks
Todd

Thank you Ken, that worked. I had been trying to enter the feature keys in the gui and they said they were malformed.