I am failing to register my ASA with Sourcefire module. I see in the V DC that the syslog says it connected to the module successfully, but fails to authenticate
“sftunneld:sf_ssl [WARN] VerifyConnect:Failed to authenticate or to be authenticated by peer”
Verify that the key being used to configure the manager on the SFR module and the key entered when registering the SFR Module as a Device in Defense Center are the same.
I had to open a TAC about this. The problem was that, after a forced power reload of the ASAs, a file "sftunnel.conf" got corrupted. It seems that this file is responsible for the the communication service between the Manager and the SFR. If the service is down then the SFR does not listen on TCP/8305. So the TAC engineer stopped the service, deleted the corrupted file, recreated it and restarted the service. All these from the expert CLI mode of the SFR.
I logged the TAC engineer's session so here it is (see attached tac_session_log.txt). Though, you will need the root password to be able to perform what he did.
He sent me the text file sftunnel.conf (included in sftunnel.zip), browsed in /etc/sf/ and created the file named sftunnel.conf with vi editor, where he copy-pasted the text from the file he had sent me.
I hope that helps.
It did not worked for me. I get access denied at on one point of the process. If i reimage the module, will that help? Or i will have yhe same issue?
Can anyone try to deny youtube.com by using sfr?
I did such test that fail for me because it's not blocking when I try to access site using Internet Explorer.
Had the same issue. Followed the instructions on how to edit in VI then pasted the attached sftunnel.conf and saved. Module registered instantly.
Did you figure this one out?
I get exactly the same on my ASA SFR.
"Communication channel for management interface is not configured!"