|Product Support||Talos Support||Cisco Support||Reference +||Current Release|
|Gateway||Reputation Lookup||Open a support case||Secure Email Guided Setup|
|Cloud Gateway||Email Status Portal||Support & Downloads||docs.ces.cisco.com|
|Email and Web Manager||Web & Email Reputation||Worldwide Contacts||Product Naming Quick Reference|
|Cloud Mailbox||Notification Service|
We are getting these errors. What can be done? I found one old post about changing the "outstanding requests" But I dont know if that post still is valid?
Communication to the dns-name works as it should.
The Warning message is:
Unable to connect to Cisco Web Security Service.
URL Filtering will not work correctly.
Please verify all network, proxy and firewall settings.
Connection to "v2.sds.cisco.com" failed.
The last error seen on this connection: "Request failed with code: 28 (Operation timed out after 0 milliseconds with 0 out of 0 bytes received)"
Last message occurred 3 times between Fri May 17 08:54:18 2019 and Fri May 17 09:01:09 2019.
Timestamp: 17 May 2019 10:02:41 +0200
We have this config under websecurityadvancedconfig
Enter URL lookup timeout (includes any DNS lookup time) in seconds:
Enter the URL cache size (no. of URLs):
Do you want to disable DNS lookups? [N]>
Enter the maximum number of URLs that can be scanned in a message body:
Enter the maximum number of URLs that can be scanned in the attachments in a
Enter the Web security service hostname:
Enter the threshold value for outstanding requests:
Do you want to verify server certificate? [Y]>
Do you want to enable URL filtering for shortened URLs? [Y]>
For shortened URL support to work, please ensure that ESA is able to connect to
bit.ly, tinyurl.com, ow.ly, tumblr.com, ff.im, youtu.be, tl.gd, plurk.com,
url4.eu, j.mp, goo.gl, fb.me, alturl.com, wp.me, chatter.com, tiny.cc, ur.ly
Enter the default time-to-live value (seconds):
Do you want to rewrite both the URL text and the href in the message? Y
indicates that the full rewritten URL will appear in the email body. N
indicates that the rewritten URL will only be visible in the href for HTML
Do you want to include additional headers? [N]>
Enter the default debug log level for RPC server:
Enter the default debug log level for URL cache:
Enter the default debug log level for HTTP client:
Still valid and necessary even in the newer releases, yes. I've requested that the notice be updated to avoid future confusion.
Adjusting the outstanding request did not help.
The log shows the following:
Tue May 21 10:45:48 2019 Warning: cache : THR: cache_manager-cloud_connector: SRC: antispam: MID: 2519308: REQ_ID: 99215.1558428343: 3 consecutive connection errors. Assuming connection to 'v2.sds.cisco.com' is down
Tue May 21 10:45:49 2019 Warning: cache : THR: cache_manager-cloud_connector: SRC: antispam: MID: 2519308: REQ_ID: 99215.1558428343: The 'sds_host' connection to 'v2.sds.cisco.com' has recovered now
Thanks for the update. If these are intermittent and only for a few seconds at a time then it is possible they could be related to network latency. The threshold change is not a fix all but it's certainly a must to make sure there's nothing else being impacted by it. One note would be that the v2.sds.cisco.com servers are not currently globally distributed, so depending on where your servers are located you could potentially be experiencing less/more latency and increased timeouts.