Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
396
Views
0
Helpful
1
Replies

SNI support on ESA

Go to solution
lizmherbert
Level 1
Level 1

‎06-26-2023 01:33 PM

Hi all,

I am attempting to integrate a 3rd party encryption service with Cisco ESA.

The expected mail flow route is 365 -> ESA -> encryption server -> ESA -> final delivery.

My encryption server requires SMTP Auth, SNI and SSL/TLS.

I have a TLS enforced in an entry to the destination controls table.

I have SMTP Auth configured as part of an SMTP delivery route.

However, I cannot see where SNI can be configured, I need ESA to present the domain of the encryption server during the TLS handshake.

Error message is: H=(esa1.hc0000-51.iphmx.com) [216.xx.xxx.xxx] X=TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256 CV=no F=<sender@domain> rejected RCPT <recipient@domain>: Unauthorized

Can anyone assist? Thanks in advance

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
UdupiKrishna
Cisco Employee
Cisco Employee

‎07-02-2023 07:06 PM

SNI is still not supported by ESA, here's a pending enhancement request - CSCvv78629

View solution in original post

0 Helpful
1 Reply 1

Go to solution
UdupiKrishna
Cisco Employee
Cisco Employee

‎07-02-2023 07:06 PM

SNI is still not supported by ESA, here's a pending enhancement request - CSCvv78629

0 Helpful
Customers Also Viewed These Support Documents