Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
194
Views
1
Helpful
4
Replies

The File Analysis server is not reachable

Marcus-Pein
Level 1
Level 1

‎06-02-2025 05:12 AM

Hello,

I see this Warning in the ESA / AMP Log.

  The File Analysis server is not reachable. The AMP File Analysis server CA certificate has expired or is invalid.

What can I do?

 

 

Labels:
0 Helpful
4 Replies 4

Mathew Huynh
Cisco Employee
Cisco Employee

‎06-02-2025 04:41 PM

Hello Marcus

 

First thing is to ensure that your device is on the latest AsyncOS version where it's still receiving updates like the enrollment client which has the CA certs in which the ESA would need to function.

If you're on a supported version;  could go into the CLI and potentially also just run "updatenow force" and monitor the update logs - we want to ensure the certificates are also being updated.


Next if the error is persisting; we may need to find out if your device is able to connect to your threatgrid server on the required port. You can verify which file analysis server you've set in the GUI -> Security Services -> File Reputation and Analysis -> Edit the settings and click advanced to see which server you've chosen.

 

Make sure your device can connect to that server on port 443; you can do this in the CLI with telnet <File Analysis Server Chosen> 443

 

Thanks,

Mathew

0 Helpful

Marcus-Pein
Level 1
Level 1
In response to Mathew Huynh

‎06-03-2025 05:12 AM

Hello Mathew,

we have installed the following version on the ESA:

Product: Cisco C600V Secure Email Gateway Virtual
Model: C600V
Version: 16.0.1-019

The Telnet connection works perfectly.

On Monday, we renewed the SSL certificate in the Threat Grid under Configuration / Authentication / SSL, downloaded it, and installed it on the ESA under Security Services / File Reputation.

Do you have any idea what the problem is?

Thanks,

Marcus 

 

 

0 Helpful

Mathew Huynh
Cisco Employee
Cisco Employee
In response to Marcus-Pein

‎06-03-2025 06:11 PM

Hello Marcus,

Upon reading "On Monday, we renewed the SSL certificate in the Threat Grid under Configuration / Authentication / SSL, downloaded it, and installed it on the ESA under Security Services / File Reputation." 

Am I right to presume you are using on-prem ThreatGrid which the ESA is connecting to ?

Thanks,

Mathew

0 Helpful

Marcus-Pein
Level 1
Level 1
In response to Mathew Huynh

‎06-04-2025 03:49 AM

Hello Mathew,

yes, we have two on-prem ThreatGrid.

The problem has been solved. We have rebooted the thread grid on which we have renewed the certificate. After restarting the machine the connection worked.

Thanks for your help.

Best regards

Marcus

 

Customers Also Viewed These Support Documents