I seem to have been able to get connected.  Only thing is when I type the escape character I get that could not authenticate client.

> telnet v2.sds.cisco.com 443

Trying 184.94.240.102...
Connected to 184.94.240.102.
Escape character is '^]'.
^]
1017: Could not authenticate client
Connection closed by foreign host.

You haven't made any changes to the websecurityadvancedconfig, have you?

Default config should look like --->

myesal.local> websecurityadvancedconfig

Enter URL lookup timeout (includes any DNS lookup time) in seconds:

[15]> 

Enter the URL cache size (no. of URLs):

[1215000]> 

Do you want to disable DNS lookups? [N]> 

Enter the maximum number of URLs that should be scanned:

[100]> 

Enter the Web security service hostname:

[v2.sds.cisco.com]> 

Enter the threshold value for outstanding requests:

[50]> 

Do you want to verify server certificate? [Y]> 

Enter the default time-to-live value (seconds):

[30]> 

Do you want to include additional headers? [N]> 

Enter the default debug log level for RPC server:

[Info]> 

Enter the default debug log level for SDS cache:

[Info]> 

Enter the default debug log level for HTTP client:

[Info]> 

Try also to flush the web security cache --->

myesa.local> webcacheflush

Web Security cache has been flushed.

I didn't make any changes but some values are slightly different from what you posted:

Enter URL lookup timeout (includes any DNS lookup time) in seconds:
[5]>

Enter the URL cache size (no. of URLs):
[810000]>

Should I change those to what you posted and then flush the webcache?  I haven't received another email from earlier though.  I'm thinking my timeout of 5 is too small.

Checking several appliances I have - I see a variation in the settings.  :-(  I would say - try 15, I have that running on an at home production virtual, and have seen no issues w/ the URL filtering, connections - based on testing I am currently doing...

Ok, the values are updated and committed.  Web UI still says connected.

Who knows, maybe it was a small latency issue earlier that make it timeout after 5 seconds.

Thanks for your help.

This same message happened 3 days in a row now.  Something up with v2.sds.cisco.com?

I notice whenever I try to download the Windows 10 preview, this happens too.  The download runs 5.5 - 6 MBps.  We have two 50 meg circuits.

I have to try to download Windows 10 preview multiple times because it will sometimes just quit partially or when almost finished.

Also - have you just started using this, upgraded to 8.5.6-074?  Do you have firewall opened accordingly?

Per the guide:

Yes, we do not block 443 outbound from that subnet.

In the web gui it says "Connected", so maybe it was an intermittent issue?  Still I'm thinking of altering the timeout.

Hey Greg,

There are some changes I would like to suggest to put forward (there was a recent change in the URL filtering service as well). (covered: http://www.cisco.com/c/en/us/support/docs/field-notices/641/fn64111.html)

But the changes I am suggesting, is from what I've worked with personally to cover some issues noted:

Enter URL lookup timeout (includes any DNS lookup time) in seconds:

[20]> 30

Enter the URL cache size (no. of URLs):

[810000]>

Do you want to disable DNS lookups? [N]>

Enter the maximum number of URLs that should be scanned:

[100]> 50

Enter the Web security service hostname:

[v2.sds.cisco.com]>

Enter the threshold value for outstanding requests:

[50]> 5

Do you want to verify server certificate? [Y]>

Enter the default time-to-live value (seconds):

[30]> 600

Do you want to include additional headers? [N]>

Enter the default debug log level for RPC server:

[Info]>

Enter the default debug log level for URL cache:

[Info]>

Enter the default debug log level for HTTP client:

[Info]>

Regards,

Matthew