Ironport s670 blocking users randomly. Os build 7.1.3-031
I have migrated an old ironport wsa to new s670 appliance, the configuration is same. It worked fine for about a month but now it is blocking legitimate users randomly.
It is happening frequently and there is no pattern for this issue, it's totally random and non predictable. Suddenly it will block the user and after 5 minutes it starts working again. After few hours some other user will fave the issue.
Is there anyone here who faced similar issue or anyone know about any bug in this OS version which can be fixed with version upgrade.
I have experienced a very similar issue recently with a s370 appliance. Troubleshooting led to identifying an incorrect parameter in the authentication settings on the box. In our case the surrogate timeout had been set to 360 seconds. This seemed to lead to an increased load on our AD servers and after resetting it to 3600 seconds we have not seen one of these five minute outages since. We were experiencing them on a daily basis for a few days before we tried this. Cisco support did not confirm that this was an issue, though it seems like more than a coincidence that the outages started after changing that parameter.
Get more with Firepower 6.6.1 – Cisco’s latest suggested release
The latest suggested release for Firepower delivers a Modernized UI, faster eventing, improved usability, and compatibility with the Cisco SecureX platform
In September 2020, Cisco of...
In my setup I see pending approvals under Web clients but also All Client?
In pxGrid 1.0, we have “Dynamic capabilities”. Those have to be approved too. So the difference is one for client approval and the other for capabilities approval. For ex...
I am not able to login to the ASAv device on AWS. I get the following message when I try from another EC2 (ubuntu 16.04) no matching key exchange method found. Their offer: diffie-hellman-group14-sha256 When I try from my Mac - I just get n...
Question. Our legal folks have asked if it is possible to add a footer to outbound email if it went out via TLS. So if it successfully negotiates TLS, can we add a footer that says "Sent successfully via TLS 1.2". Is this possible? ...
Segmentation Strategy - An ISE Prescriptive Guide
For an offline or printed copy of this document, simply choose ⋮ Options > Printer Friendly Page. You may then Print, Print to PDF or copy and paste to any other document ...