Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
760
Views
0
Helpful
3
Replies

Problem with non-standard port for https when migrating to virtual WSA

DavidBarnes29511
Level 1
Level 1

‎03-22-2021 07:56 AM

I am migrating from physical WSA appliances running v 10.1.5-004 to virtual appliances running v 10.5.6-024, Everything looks identical between the two, however when I use the virtual WSA, I cannot get our Splunk instances. Splunk uses port 8000 for web connection to the GUI. Port 8000 is not specifically set up on http or https on the older WSAs and I can get to Splunk when using the old ones. Since everything is set up the same, I should be able to get there on the virtual ones, but it fails. I have to go into the browser proxy settings and enter the IP addresses manually in the LAN Settings, Proxy Server, Advanced, Exceptions section. I have an identification profile for specific servers to by pass the proxy and Splunk is in that list. It works on the old box, but not the virtual. What am I missing? Is this because for testing I have set the virtual WSA in the Network, Transparent Redirection tab to "Layer 4 switch or No Device" so I can manually set the proxy at the browser? 

Labels:
0 Helpful
3 Replies 3

balaji.bandi
Hall of Fame
Hall of Fame

‎03-22-2021 08:59 AM

Look at the access Log while access and post the log to understand what is wrong ?

 

what is the IP address of WSA and SPLUNK (in the same network ?)

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

DavidBarnes29511
Level 1
Level 1

‎03-22-2021 09:23 AM

I am not able to upload the logs. The old and new WSA both have an IP of xx.16.100.xxx. Splunk has an IP of xx.16.110.xxx

0 Helpful

balaji.bandi
Hall of Fame
Hall of Fame
In response to DavidBarnes29511

‎03-22-2021 09:33 AM

honestly i had see this issue when we did 10.5.X  code - port 80 not workiing how ever and what ever way we tried - it did not not worked, i used different port start working, i could not able to figureout what was the issue, then we migrate to 11.X and 12.X  all got fixed automatically( may be it is same like 8000 port may be).

 

still logs are important to understand where it was having issue.

 

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful
Customers Also Viewed These Support Documents