|Product Support||Talos Support||Cisco Support||Reference +||Current Release|
|Gateway||Reputation Lookup||Open a support case||Secure Email Guided Setup|
|Cloud Gateway||Email Status Portal||Support & Downloads||docs.ces.cisco.com|
|Email and Web Manager||Web & Email Reputation||Worldwide Contacts||Product Naming Quick Reference|
|Cloud Mailbox||Notification Service|
After commiting some changes on the ironport, the web gui stoped to load. I tried to access back again, the login screen is working fine, but after adding my credentials, It just stand there doing nothing. I tried from Mozilla and IE, same result.
to be sure, I reverted the changes I made before it stoped working using CLI (ssh), but I have the same result; I can access fine to the quarentine page ( port 83)
looking at the logs, the appliance is still processing mails, and according the the auth log I was succesfully authenticated. The http logs only show this:
Wed Sep 5 17:41:00 2012 Info: req:192.168.101.14 user:admin id:eCWTT7oH3WCgk9TCmhPz 200 GET /scfw/1y-7.5.1-102/images/button_primary_bg.gif HTTP/1.1 Mozilla/5.0 (Windows NT 6.1; rv:14.0) Gecko/20100101 Firefox/14.0.1
Wed Sep 5 17:41:00 2012 Info: req:192.168.101.14 user:admin id:eCWTT7oH3WCgk9TCmhPz 200 GET /scfw/1y-7.5.1-102/images/arrow_showhide_showing.gif HTTP/1.1 Mozilla/5.0 (Windows NT 6.1; rv:14.0) Gecko/20100101 Firefox/14.0.1
Wed Sep 5 17:41:00 2012 Info: req:192.168.101.14 user:admin id:eCWTT7oH3WCgk9TCmhPz 200 GET /scfw/1y-7.5.1-102/images/close12_1.gif HTTP/1.1 Mozilla/5.0 (Windows NT 6.1; rv:14.0) Gecko/20100101 Firefox/14.0.1
Wed Sep 5 17:41:05 2012 Info: req:192.168.101.14 user:admin id:eCWTT7oH3WCgk9TCmhPz 200 POST /login HTTP/1.1 Mozilla/5.0 (Windows NT 6.1; rv:14.0) Gecko/20100101 Firefox/14.0.1
Wed Sep 5 17:41:06 2012 Info: login:192.168.101.14 user:admin session:eCWTT7oH3WCgk9TCmhPz
Wed Sep 5 17:41:06 2012 Info: req:192.168.101.14 user:admin id:eCWTT7oH3WCgk9TCmhPz 303 POST /login HTTP/1.1 Mozilla/5.0 (Windows NT 6.1; rv:14.0) Gecko/20100101 Firefox/14.0.1
Wed Sep 5 17:41:06 2012 Info: req:192.168.101.14 user:admin id:eCWTT7oH3WCgk9TCmhPz 303 GET /default HTTP/1.1 Mozilla/5.0 (Windows NT 6.1; rv:14.0) Gecko/20100101 Firefox/14.0.1
Its identifying the browser, and thats all... Looking some other post I found, a reboot may work, but for the customer that would be the last option... Is there a way to restart the http service? or have you seen this behavior before?
any help is appreciated.
Alejandro Moran G
Did you ever figure this out?
I have the exact same problem - I dont know when it started, probably after commit of some minor config change - email still flows in and out, and I can connect to shell (SSH).
funny thing this is a pre-sales demo box - heh - so its been up and running just a couple days (C170, updated to the latest versions it recommended in the update utility)
We had to reboot it ( I was trying to avoid that, but seems its the only way) ... seems its because its not supported to have several tabs or browser to the same appliance, just one window open.
kind of weird - afaik ironport has been around for years, would think it be a bit more robust and mature on the management interface...
I figured one way to "get the gui back" was to disable reporting via CLI.. Diagnostics, reporting, disable. after issuing that command, which never completed as far as the CLI knew, gui came back - but I was unable to get reporting service started again before doing a reboot..
I just learned this from TAC support - dont know if it will solve the issue, but something to try next time it happens:
To disable the GUI from the CLI
1./ enter command "interfaceconfig"
2./ select edit to modify your interface 3./ Select your interface
4./ When you get to "Do you want to enable HTTP on this interface? set to No.
5./ Once you get back the the main prompt enter the command "commit"
6./ Go through this process again to enable HTTP
Web UI will, at first, contact reporting database. Anytime you have an issue with Web UI, I would recommend checking gui_logs and trying to make sure the services (HTTP/HTTPS) are enabled. If the reporting database is the issue, Customer Support can try to fix without deleting the reporting database. In this case, please open a service request.
You could try a telnet from your workstation to the appliance's management IP address, on port 80 and port 443, if those are the ones you are using for management interface. Something like:
>telnet a.b.c.d 80
where a.b.c.d is the IP address of your Email Security Appliance.
This would narrow down browser related issues, like proxy settings.
If you cannot connect via telnet to port 80 or 443 (or whatever other port you decided to use for management), the service could be affected. In this case, we would recommend you to open a service request with our support.
As a best practice, try to do not reboot or power down the appliance before contacting customer support. Also, try never use the power button or remove the power cables, this can cause severe system's corruption. Try to have a workstation connected to the serial port of the appliance, to work as an out of band connection to the appliance in case the appliance stops responding to the network connectivity tests.
I hope this helps.
we'll see - next it happens, if it does, I'll updade here..
another useful command with some output of status/hardware and licensing is ipcheck