CTA: Failed to connect to etr.cloudsec.sco.cisco.com: DNS Soft Error

spacemeb · ‎05-20-2022

Hello,

The following CTA: Failed to connect to etr.cloudsec.sco.cisco.com: DNS Soft Error has been observed on my two old appliances that are running 12.5.1-043 code.

However, ssh tests to that url are successful, I cannot specify why we observe them

Also searched the bugs but I did not find anything useful.

amojarra · ‎05-22-2022

Follow these steps to check connectivity:

1. Log in to the CLI of the WSA.

2. Enter the logconfig command.

3. Enter the hostkeyconfig command.

4. Enter the scan command.

5. Enter the CTA server hostname: etr.cloudsec.sco.cisco.com

6. Choose All when asked for the SSH protocol type.

7. Enter Y when asked whether the CTA host key should be added.

Note: If you receive the below log, it means the DNS server is unable to resolve etr.cloudsec.sco.cisco.com. This has nothing to do with the CTA configuration. You must resolve the DNS issue from the DNS server, or you can add a new local IP to host mapping from the CLI > dnsconfig > local hosts > new

Log Error: Push error for subscription CTAlog: Failed to connect to etr.cloudsec.sco.cisco.com: DNS Soft Error looking up etr.cloudsec.sco.cisco.com (A)

also, lets try these to make sure the DNS resolution is working correctly

telnet etr.cloudsec.sco.cisco.com 22

ping  etr.cloudsec.sco.cisco.com

nslookup  etr.cloudsec.sco.cisco.com

from my PC, I am resolving multiple deferent IP from My network, check from a another system in your Network to see if the Name resolution is working correctly