Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1521
Views
0
Helpful
4
Replies

SMA Issue with ESA

Go to solution
mannygawadcco
Level 1
Level 1

‎08-14-2017 02:57 AM

Hi,

I have 1 vSMA(600) and 2 vESA(600), i was able to merge all the reporting and quarantine stuff including PVO and they are working perfectly.

However, if i want to change the policy, i did see any policy like incoming and outgoing mail policies, etc... in the SMA, how can i enable it to SMA so that i don't have to login to any of the ESA. and i want to make sure the configuration change in the first ESA will be replicated in second ESA.

Thanks,

Labels:
0 Helpful
2 Accepted Solutions

Accepted Solutions

Go to solution
Libin Varghese
Cisco Employee
Cisco Employee

‎08-14-2017 05:34 AM

Hi,

Centralized configuration of the ESA would need to be managed using clustering and not from the SMA.

You can create and manage clusters on the ESA using command "clusterconfig". Usage and implementation steps are available in the end user guides.

Chapter 40: Centralized Management Using Clusters

https://www.cisco.com/c/dam/en/us/td/docs/security/esa/esa10-0/ESA_10-0_User_Guide.pdf

Once appliances are part of a cluster changes made on one ESA would reflect on the other ESA's part of the same cluster group.

Regards,

Libin Varghese

View solution in original post

0 Helpful

Go to solution
Ken Stieers
VIP
VIP
In response to mannygawadcco

‎08-14-2017 07:17 AM

You can do the configuration on either ESA, and it replicates to the other(s).  It's "multi-master"

View solution in original post

0 Helpful
4 Replies 4

Go to solution
Libin Varghese
Cisco Employee
Cisco Employee

‎08-14-2017 05:34 AM

Hi,

Centralized configuration of the ESA would need to be managed using clustering and not from the SMA.

You can create and manage clusters on the ESA using command "clusterconfig". Usage and implementation steps are available in the end user guides.

Chapter 40: Centralized Management Using Clusters

https://www.cisco.com/c/dam/en/us/td/docs/security/esa/esa10-0/ESA_10-0_User_Guide.pdf

Once appliances are part of a cluster changes made on one ESA would reflect on the other ESA's part of the same cluster group.

Regards,

Libin Varghese

0 Helpful

Go to solution
mannygawadcco
Level 1
Level 1
In response to Libin Varghese

‎08-14-2017 06:57 AM

Hi,

so in that case after configuring the cluster for example in the first ESA, and added the second ESA.

Does it means that i will always do the configuration from the first ESA, then it will sync with the second ESA automatically?

Please confirm!

0 Helpful

Go to solution
Ken Stieers
VIP
VIP
In response to mannygawadcco

‎08-14-2017 07:17 AM

You can do the configuration on either ESA, and it replicates to the other(s).  It's "multi-master"

0 Helpful

Go to solution
Libin Varghese
Cisco Employee
Cisco Employee
In response to mannygawadcco

‎08-14-2017 07:19 AM

There isn't a primary secondary on the clustered appliances.

So you could login to either of the 2 ESA's, make a configuration change and commit changes and it would take effect on the other ESA as well.

- Libin V

0 Helpful
Customers Also Viewed These Support Documents