cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
3564
Views
5
Helpful
4
Replies

Cisco ESA - The File Analysis server is not reachable

yevgen1991
Level 1
Level 1

Hi All!

 

I have a Warning message in my Cisco ESA:

The File Analysis server is not reachable. SSL peer certificate or SSH remote key was not OK

I checked the firewall, the access to File Analysis link is OK.

 

What must I check next, how can I check "SSL or SSH" issue?

Cisco ESA C600V v. 13.0.0

 

Thanks!

4 Replies 4

Libin Varghese
Cisco Employee
Cisco Employee

If telnet from the ESA to the file analysis server on 443 is successful, I would suggest setting up a packet capture for that server.

 

Also, ensure there are no network devices such as proxy/firewall doing SSL inspection or modifying the certificate from the Cisco server in any way.

 

Regards,

Libin

Thanks, but there is no Proxy settings in "File Analysis" tab. Proxy are only in "File Reputation" tab.

FA.jpg

 

Proxy server config option is available for file analysis in 14.0 release

Libin Varghese
Cisco Employee
Cisco Employee

I was referring to a proxy in the network or another network device looking at 443 traffic, not a configuration on the ESA.

But as Sudheendra mentioned, that configuration option is also in the roadmap for early next year.

 

Regards,

Libin