Ash Again, thanks. After I have configured DNS Settings for WSA and SMA in my lab environment.I was able to log on to the ngui easily. So Yes it is important to meet the requirement for the DNS Server. The Appliance must be able to resolve their own name by it self.
... View more
Hi Ash Thanks for your Reply, I have the WSA and now also the SMA installes in a separated lab environment without a local DNS Service running. I just use Google DNS Servers for public DNS Services. Does that mean that I can't use this trailblazer feature until I do have a local DNS Server instead of the public? The other two points about Ports and firewall are already given.
... View more
Hi guys and ladies. today I was playing with a virtual WSA I have done the upgrades from Version 11.5 to 11.7 and finally 11.8. After the last reboot, It showes me the new gui feature at the top of the window. By clicking on it nothing happend. In the documentation for ASYNC OS 11.8 I found. trailblazerconfig
You can use the trailblazerconfig command to route your incoming and outgoing connections through HTTP and HTTPS ports on the new web interface.
By default, trailblazerconfig CLI command is enabled on your appliance. You can see the inline help by typing the command: help trailblazerconfig.
The syntax is as follows:
trailblazerconfig enable <https_port> <http_port>
'enable' runs the trailblazer on the default ports (HTTPS: 4431 or HTTP: 801).
'disable' terminates the trailblazer
'status' checks the status of the trailblazer.
If you have enabled trailblazerconfig command on the appliance, the request URL will contain the HTTP/HTTPS port number appended to the hostname.
You can try any one of the following steps to make the navigation in your browser seamless:
Accept the cerificate used by the web interface and use the following URL syntax: https://hostname:<https_api_port> (for example, https://some.example.com:6443) in a new browser window and accept the certificate. Here <https_api_port> is the AsyncOS API HTTPS port configured in Network > IP Interfaces. Also, ensure that the API ports (HTTP/HTTPS) are opened on the firewall.
By default, trailblazerconfig CLI command is enabled on your appliance. Make sure that the HTTP/HTTPS ports are opened on the firewall. Also ensure that your DNS server can resolve the hostname that you specified for accessing the appliance.
If the trailblazerconfig CLI command is disabled, you can run the trailblazerconfig > enable command using the CLI to avoid the following issues
Requiring to add multiple certificates for API ports in certain browsers.
Redirecting to the legacy web interface when you refresh the Spam quarantine, Safelist or Blocklist page.
Metrics bar on the Advanced Malware Protection report page does not contain any data. Guess what happend, nothing. When I do the enable command, I receive the positive feedback that it is enabled now. When I then perform the status command after this, I get the information that trailblaezer is not running. Is there somthing that I have missed? I am open for anykind of help.
... View more