Cisco ESA and RSA DLP Connection issues
4 years ago
Originally Published: 2015-03-20
Article Number
000047169
Applies To
RSA DLP all versions
Cisco IronPort ESA all versions.
Applies to systems where the DLP EM is configured to manage the data loss prevention module on Cisco ESA devices
Issue
On the EM -> Admin -> Partners page:

One or more ESA devices show the status "not responsive", and the status bubble is red.
The ESA device sends out an alert stating that the connection between the EM and the ESA is lost.
If there is more than one device, and one of them has a green status and the other one is red, the ESA is in cluster config mode.

On the ESA device, you get an error splash page when accessing the Admin page on the web UI.


Note: This article applies to a system that has been configured and was running.
 
Tasks

 
Resolution

Verify that the times on both devices are within 5 seconds of each other.
Check that no access list or firewall is blocking the required ports.
The ports are listed below:

Local port on Cisco ESA:  20002
Local port on DLP EM:     20000

On the Admin page of the Cisco ESA, check for a warning message (see attachment).
If the ESAs are in clusterconfig, verify that both nodes have the same configuration.
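
The time and port checks above, as an added example in Python (not part of the original article): it classifies each port as open, refused or filtered, and compares two clock readings against the 5-second limit. The hostnames are placeholders, and which side listens on which port is an assumption taken from the article's "local port" wording.

```python
import errno
import socket
from datetime import datetime

# Ports listed in the article. Assumption: each device listens on its "local port".
ESA_PORT = 20002          # local port on the Cisco ESA
EM_PORT = 20000           # local port on the DLP EM
MAX_SKEW_SECONDS = 5      # time tolerance stated in the article


def probe(host, port, timeout=3.0):
    """Classify a TCP port as 'open', 'refused' or 'filtered'.

    refused:  the host answered with a reset, so the path is clear but
              nothing is listening on that port.
    filtered: no answer or host/network unreachable, which points at an
              access list or firewall dropping the traffic.
    """
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return "open"
    except ConnectionRefusedError:
        return "refused"
    except (socket.timeout, TimeoutError):
        return "filtered"
    except OSError as exc:
        if exc.errno in (errno.EHOSTUNREACH, errno.ENETUNREACH):
            return "filtered"
        raise  # e.g. name resolution failure: report it, do not guess


def clock_skew_ok(em_time, esa_time, tolerance=MAX_SKEW_SECONDS):
    """True when two ISO 8601 timestamps (with UTC offset) agree within tolerance."""
    delta = datetime.fromisoformat(em_time) - datetime.fromisoformat(esa_time)
    return abs(delta.total_seconds()) <= tolerance


if __name__ == "__main__":
    # Placeholder hostnames (assumptions); replace with your own devices.
    targets = (("ESA", "esa.example.internal", ESA_PORT),
               ("EM", "dlp-em.example.internal", EM_PORT))
    for name, host, port in targets:
        try:
            print(f"{name} {host}:{port} -> {probe(host, port)}")
        except OSError as exc:
            print(f"{name} {host}:{port} -> error: {exc}")
    # Constructed sample readings, one taken from each device's clock.
    print("skew ok:", clock_skew_ok("2015-03-20T10:00:00+00:00", "2015-03-20T05:00:03-05:00"))
```

Run the probe from a host on the same network segment as the peer device, so the result reflects the access lists and firewalls on the actual path between the EM and the ESA.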