Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
5025
Views
0
Helpful
5
Replies

SMA Error "Unexpected EOF on Connect" -> Cannot add Virtual ESA Hosts

Go to solution
jaksptr99
Level 1
Level 1

‎07-10-2015 12:46 AM

Hi there,

I wanna ask about the Security Management Appliance (SMA) error which we encounter. This is the case below.

 

SMA

|

|

Main_Group (cluster)

ESA1 (virtual)-ESA2(virtual)-ESA3(physical)-ESA4(physical)

 

Our system consists of four ESA units. We were just migrating two units from physical ESA to virtual ESA, and the appliance is running well. Note that we use the same network configuration we used previously for the physical ESA.

The problem is when we want to add the new virtual ESAs (ESA1 and ESA2) to the SMA, we keep getting the error message: "Unexpected EOF on Connect".

SMA Error EOF

Is there something missing from our configuration, or is there any additional steps in migration/adding the ESA in the WSA unit?

We are waiting for anyone for help, because we need to implement this as soon as possible.

Any kind of help is appreciated. Please help.

 

Thank you.

jaksptr

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Robert Sherwin
Cisco Employee
Cisco Employee

‎07-17-2015 05:34 AM

What version of AsyncOS for Email Security is on the ESA(s)?

What version of AsyncOS for Security Management is on the SMA?

There are times if the previous IP has been used on the ESA(s) that the SMA will have initial communications issues when trying to add the ESA and re-establish communication.  If that is the case, I would suggest that you open a support case and allow us to view the appliances from the backend via support tunnel.

Hope that helps!

-Robert

Cheers,
Robert Sherwin

View solution in original post

0 Helpful
5 Replies 5

Go to solution
Robert Sherwin
Cisco Employee
Cisco Employee

‎07-17-2015 05:34 AM

What version of AsyncOS for Email Security is on the ESA(s)?

What version of AsyncOS for Security Management is on the SMA?

There are times if the previous IP has been used on the ESA(s) that the SMA will have initial communications issues when trying to add the ESA and re-establish communication.  If that is the case, I would suggest that you open a support case and allow us to view the appliances from the backend via support tunnel.

Hope that helps!

-Robert

Cheers,
Robert Sherwin
0 Helpful

Go to solution
jaksptr99
Level 1
Level 1
In response to Robert Sherwin

‎07-23-2015 02:37 AM

We did solve the case by contacting the TAC, because this is too technical and yet crucial for customer so we opened remote access and case is solved in few hours. Thank you.

0 Helpful

Go to solution
wladimir.gruenemaier
Level 1
Level 1
In response to jaksptr99

‎04-07-2016 04:31 PM

Such EOF errors are actually normal after an RMA, and may usually resolved by logging via Command Line Interface into the SMA, and delete all old host keys by running the commands ‚logconfig‘ and ‚hostkeyconfig‘.

If the EOF errors then still persist, it might be that the new ESA blacklisted the SMA from SSH connections though it’s IP blocking service. This service cannot be restarted at the CLI or GUI level, but TAC could restart the relevant blocking process manually. Alternatively, you might consider performing a reboot of the affected ESA, as this will as well clear the blocklist accordingly. 

0 Helpful

Go to solution
Mathew Huynh
Cisco Employee
Cisco Employee

‎07-19-2015 09:23 PM

Hello Jaksptr,


Just building on Robert's response as well.

Could you attempt to do a telnet test from your SMA's IP to your ESA's linked IP's on port 22 and do the same from ESA to SMA to see the response.

 

Typically Unexpected EOF would indicate something caused a connection termination.

 

Thanks,

Matthew

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents