cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
684
Views
0
Helpful
7
Replies
Highlighted
Beginner

Problems with new ESA console after upgrading to version 13.0.0-375 CISCO C190

Good day.

 

After upgrading the version of my ESAS i can´t access to the new interface giving me this error after waiting a while.

Apparently everything is correct in our firewall, indeed i am getting access to the new console of the SMA without problem.

this is the error:

504 Gateway Time-out


nginx

 

7 REPLIES 7
Highlighted
Participant

Re: Problems with new ESA console after upgrading to version 13.0.0-375 CISCO C190

Hi there,

 

instead of : https://mvxx.fmcna.com:4431/ng-login

 

try using

 

https://mvxx.fmcna.com/ng-login

 

replaced mvxx with your hostname

 

Kind regards

Marc

Highlighted
Beginner

Re: Problems with new ESA console after upgrading to version 13.0.0-375 CISCO C190

Good day Marc.

 

Great, you were right. I don´t know why is redirecting to xxx:4431 when is not used.

Now I have a new error when I enter my credentials: either API server is not started or is unreachable.

 

1.- API HTTP and HTTPS port enabled--> DONE

2.-Post upgrade, trailblazerconfig is enabled by default--> I dont know what this means.

3.-The configured HTTPS port must be opened on the firewall --> DONE

4.-DNS server should resolve the hostname that you have specified for accessing the appliance. --> DONE

 

Thanks,

 

Andres D.A.

Highlighted
Participant

Re: Problems with new ESA console after upgrading to version 13.0.0-375 CISCO C190

Hi Andres,

 

trailblazer is a new "server task" in charge of the new GUI. For more details see here:

https://www.cisco.com/c/en/us/support/docs/security/content-security-management-appliance/214391-administrative-details-on-trailblazer.html

 

We have experienced this issue when during the beta phase when our firewalls (local and DMZ) would not allow port 4431 to pass between browser and ESA. I would start by looking if you can telnet your ESA on this port or simply ask your networking guys.

 

I hope that helps

 

=Marc

Highlighted
Beginner

Re: Problems with new ESA console after upgrading to version 13.0.0-375 CISCO C190

I currently setting up C395 ESA running AsyncOS 13.0.0-392

I have configured trailblazer enable and open port required (80,443,4431,6080,6443 telnet ok) but got error "504 Gateway Time-out" when browsing "https://myhost:4431/ng-login".

If I try "https://myhost/ng-login" it working fine without any error.

Is there something I'm missing?

Highlighted
Participant

Re: Problems with new ESA console after upgrading to version 13.0.0-375 CISCO C190

You are all set, the redirect in the link is just wrongly coded. Even this issue was reported before Cisco seems a bit slow to fix it.

Highlighted
Beginner

Re: Problems with new ESA console after upgrading to version 13.0.0-375 CISCO C190

Does this mean we no longer need to open port 4431 on firewalls to be able to access the new GUI?

Highlighted
Beginner

Re: Problems with new ESA console after upgrading to version 13.0.0-375 CISCO C190

Hello,

 

It seems that this is a mistake with port 4431, i just use : https://@IP SMA/ng-login and it works after i enable in CLI trailblazerconfig enable