Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
4977
Views
4
Helpful
4
Replies

Failed to fetch manifest

kinggmmm
Level 1
Level 1

‎05-21-2021 06:34 AM

Hello,

Hope someone helps me,

Cisco WSA can't don't any updates.

 

after opening the console and see as shown in the pic below

 

3 people had this problem
Labels:
Preview file
36 KB
4 Replies 4

Octavian Szolga
Level 4
Level 4

‎07-01-2021 03:27 AM

Hi,

 

Do you happen to have smart licensing enabled? How is your WSA licensed? Classical or smart?

 

BR,
Octavian

Milos_Jovanovic
VIP Alumni
VIP Alumni

‎08-03-2021 06:04 AM - edited ‎08-03-2021 06:04 AM

Hi,

You havent mentioned your version of WSA, but there was a FN back in the days, which can explain such behavior. This could be one explanation.

Also, I saw similar behavior on other systems which havent been upgraded for a while, and which have older certificates installed. The issue there was that Cisco changed certificate on their portals, and these devices were unable to verify that specific certificate. Based on config file, I would say that you need to validate update-manifests.sco.cisco.com.

Finally, and again depending on your current version, you could check System Administration / SSL Configuration, to see if newer TLS protocols are enabled (remember that TLS 1.0 and 1.1 are considered insecure and deprecated).

BR,

Milos

Ced W
Level 1
Level 1

‎09-27-2024 10:53 AM

Hi, I know this thread is old but hopefully someone can help...
I have a new WSA fresh out the box, s196. I am totally new to proxy servers and I am not sure how to configure it to get to the internet to install the smart license, then to be able to run the setup wizard. I am trying to connect it between 3850 switch and ASA 5525 in transparent mode. Any help is much appreciated, thank you ...!
AsyncOS 15.2.0 for Web build 116

0 Helpful

amojarra
Cisco Employee
Cisco Employee

‎09-28-2024 11:13 AM

@Ced W 

I would say you can use some tools in WSA to do the troubleshooting 

sine we do not have telent command anymore in WSA , so instead of that I can suggest:

[1] traceroute     <--- CLI 

[2] PCAP   <---- GUI 

[3] ssltool    <---- CLI 

[4] curl <---- CLI 

[5] nslookup <---- CLI 

 

on the other hand, may I ask what is the issue. you can check the URL which WSA is trying to access in the SmartLicense page: 

amojarra_0-1727546960335.png

and you can see the interface as "test Interface" 

so you can see which IP has been resolved for that URL (nslookup smartreceiver.cisco.com) set that as conditions in your PCAP, 

(GUI > top right > Support and Help>PAcket Capture > Edit setting > enter the IP > start PCAP ) 

and before trying to start registering , you can tail the smart license log 

CLI. > tail > choose the number associate with  "smartlicense" Type: "Smartlicense Logs" Retrieval: FTP Poll

you will see if there are any connectivity Error, internal errors, or smart license error.

 

 

Regards,

Amirhossein Mojarrad

+++++++++++++++++++++++++++++++++++++++++++++++++++

++++     If you find this answer helpful, please rate it as such    ++++

+++++++++++++++++++++++++++++++++++++++++++++++++++

Regards,
Amirhossein Mojarrad
+++++++++++++++++++++++++++++++++++++++++++++++++++
++++ If you find this answer helpful, please rate it as such ++++
+++++++++++++++++++++++++++++++++++++++++++++++++++
Customers Also Viewed These Support Documents