01-20-2017 07:25 AM
I am trying to access/export my WSA appliance logs (access logs etc). But for some how I cannot authorize with my administrator login via the FTP link from GUI.The login window appears again after typing username and password in my browser. What should I do to fix this problem ?
01-20-2017 07:10 PM
Firstly you can try using FTP client like FileZilla to see if it works. If it is still same, you can check the following WSA log to see if you can find any clue.
"ftpd_logs" Type: "FTP Server Logs"
01-21-2017 03:12 PM
HI Tao,
I cannot login with Filezilla as well. Do you I need to configure something special to get access to the logs via FTP ?
01-21-2017 05:37 PM
On the page where you configure the interfaces you have to check a box to turn on ftp... but usually you don't get a login prompt without it...
01-24-2017 07:00 AM
Some more information. I cannot find place to enable the FTP. But I guess it is enabled since I got login prompt. So I will not belive that is the case. Please check out the Message from the FTP client.
Appliance mode:
Model: S160
Version: 7.1.4-053 for Web
Message from the FTP (FileZilla).
Command: USER myuser@mypassword@10.10.10.10
Response: 331 User name okay, need password.
Command: PASS *********
Response: 501 Syntax error in parameters or arguments.
Error: Critical error: Could not connect to server
FTP Proxy are configured on the Ironport.
Anyone that seen this issue before?
01-25-2017 09:47 PM
Are you using authentication in the WSA? if yes, does your identity enable that authentication for the FTP traffic?
If yes, have you configure filezilla to use the authentication when connecting to WSA and what method/format that you use in Filezilla for authentication? WSA by default will use checkpoint format.
To check from filezilla (settings -> FTP Proxy -> if WSA using authentication you will need to select custom and enter your authentication format -> enter proxy host such as <wsaIP:8021> -> user and password.
See below link for more info for Filezilla with WSA:
http://www.cisco.com/c/en/us/support/docs/security/web-security-appliance/118044-qna-wsa-00.html
01-25-2017 06:36 AM
Note: By default, the WSA uses port 21 for FTP when connecting to the management interface. If this port is changed, clicking on the FTP link from the GUI will fail. In order to correct this problem, add the FTP port for the management interface after the WSA hostname in the URL in the browser.
http://www.cisco.com/c/en/us/support/docs/security/web-security-appliance/117830-qanda-wsa-00.html
11-10-2019 11:04 PM
First of all, you need to enable FTP on the WSA in GUI Network/Interfaces/place a check mark next to FTP, also fill in the the port number for FTP.
Second, use FTP client(a browser will do) to visit FTP port on WSA.
You should see the log subscription by doing above.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide