Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
773
Views
2
Helpful
4
Replies

Reinstalled WSA cannot be added to M300

Go to solution
Revantha
Level 1
Level 1

‎06-12-2024 07:48 PM

Hi,

I reinstalled a WSA (virtual instance) and the license token was added it all went well until the point of adding it to the M300. The IP address of the WSA is 10.5.179.162, the same with a different host name was tried to be added to the M300, as the point of establishing connection i get the below message :

"Add Web Security Appliance
Error — The host key for 10.5.179.162 appears to have changed.
It is possible that someone is trying to hijack the encrypted connection to the remote host. Please use the logconfig->hostkeyconfig command to verify (and possibly update) the SSH host key for 10.5.179.162.

"

I have cleared the SSH keys on the WSA  with the hostkeyconfig command yet I cannot add the  reinstalled WSA 10.5.179.162 to the M300, when I click on submit to add  nothing happens even after 2 hours.

Cam anybody please help me to resolve this issue as I need to urgently get the WSA back online.

Thank you 

revantha

Labels:
0 Helpful
2 Accepted Solutions

Accepted Solutions

Go to solution
balaji.bandi
Hall of Fame
Hall of Fame

‎06-12-2024 10:28 PM

what is the version of code running on M300 ?

WSA running this code ? 10.5.179.162 ?

if the WSA already added remove and check by issue the commands and scan again and check :

https://www.cisco.com/c/en/us/support/docs/security/email-security-appliance/119177-ts-hijack-error-esa-00.html

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

View solution in original post

Go to solution
balaji.bandi
Hall of Fame
Hall of Fame
In response to Revantha

‎06-13-2024 12:07 AM

SMA should be always higher version than WSA to Manage.

Check compatible matrix and upgrade accordingly and check.

https://www.cisco.com/c/dam/en/us/td/docs/security/security_management/sma/sma_all/web-compatibility/index.html

Notes, make sure you have backup before upgrade both WSA and SMA

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

View solution in original post

0 Helpful
4 Replies 4

Go to solution
balaji.bandi
Hall of Fame
Hall of Fame

‎06-12-2024 10:28 PM

what is the version of code running on M300 ?

WSA running this code ? 10.5.179.162 ?

if the WSA already added remove and check by issue the commands and scan again and check :

https://www.cisco.com/c/en/us/support/docs/security/email-security-appliance/119177-ts-hijack-error-esa-00.html

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Go to solution
Revantha
Level 1
Level 1
In response to balaji.bandi

‎06-12-2024 11:32 PM

Hi

M300 is on 14.1.0-227 while the WSA is on 14.5.0-537, I did the same
procedure outlined in
https://www.cisco.com/c/en/us/support/docs/security/email-security-appliance/119177-ts-hijack-error-esa-00.html

But it does not let me add the WSA back again..

regards

revantha
0 Helpful

Go to solution
balaji.bandi
Hall of Fame
Hall of Fame
In response to Revantha

‎06-13-2024 12:07 AM

SMA should be always higher version than WSA to Manage.

Check compatible matrix and upgrade accordingly and check.

https://www.cisco.com/c/dam/en/us/td/docs/security/security_management/sma/sma_all/web-compatibility/index.html

Notes, make sure you have backup before upgrade both WSA and SMA

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

Go to solution
Revantha
Level 1
Level 1
In response to balaji.bandi

‎06-13-2024 06:18 PM

Thank you Balaji for your inputs

0 Helpful
Customers Also Viewed These Support Documents