Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1962
Views
0
Helpful
3
Replies

Unable to connect to Cisco Web Security Service , onnection to "v2.sds.cisco.com" failed.

AliJamadar
Level 1
Level 1

‎07-08-2020 02:06 AM

Hi,

can any one help on this issue,

as we are recieving consistent alert from the Ironport  ( Async C390 12.5.37 ) , is this bug or any activity at Cisco side.

 

Unable to connect to Cisco Web Security Service.
URL Filtering will not work correctly.
Please verify all network, proxy and firewall settings.
Connection to "v2.sds.cisco.com" failed.
The last error seen on this connection: "Request failed with code: 56 (Recv failure: Connection reset by peer)"

Version: 12.5.1-037
Timestamp: 08 Jul 2020 10:58:17 +0200

1 person had this problem
Labels:
0 Helpful
3 Replies 3

PulkitMittal4180
Level 1
Level 1

‎07-08-2020 05:50 AM

Hi @AliJamadar,

I would recommend to reach out TAC for assistance.

 

0 Helpful

ppreenja
Cisco Employee
Cisco Employee

‎07-09-2020 09:41 AM

Hi,

Please make below changes in the configuration of your ESA to resolve the issue:

ESA> websecurityadvancedconfig

Enter URL lookup timeout (includes any DNS lookup time) in seconds:
[30]>

Enter the URL cache size (no. of URLs):
[810000]>

Do you want to disable DNS lookups? [N]>

Enter the maximum number of URLs that can be scanned in a message body:
[25]>

Enter the maximum number of URLs that can be scanned in the attachments in a
message:
[25]>

Enter the Web security service hostname:
[v2.sds.cisco.com]>

Enter the threshold value for outstanding requests:
[5]>

Do you want to verify server certificate? [Y]>

Do you want to enable URL filtering for shortened URLs? [Y]>

For shortened URL support to work, please ensure that ESA is able to connect to
following domains:
bit.ly, tinyurl.com, ow.ly, tumblr.com, ff.im, youtu.be, tl.gd, plurk.com,
url4.eu, j.mp, goo.gl, fb.me, alturl.com, wp.me, chatter.com, tiny.cc, ur.ly

Enter the default time-to-live value (seconds):
[600]>

Do you want to rewrite both the URL text and the href in the message? Y indicates
that the full rewritten URL will appear in the email body. N indicates that the
rewritten URL will only be visible in the href for HTML messages. [N]>

Do you want to include additional headers? [N]>

Enter the default debug log level for RPC server:
[Info]>

Enter the default debug log level for URL cache:
[Info]>

Enter the default debug log level for HTTP client:
[Info]>

I hope the above helps.

Cheers,
Pratham
0 Helpful

José L. Dávila
Cisco Employee
Cisco Employee

‎08-17-2020 11:32 AM

Hello,

Just to complement Pratham's suggested configuration, feel free to take a look at the following field notice 64111: https://www.cisco.com/c/en/us/support/docs/field-notices/641/fn64111.html, which goes into deeper detail on how to reduce the connection alert.

Best.

 

José L. Dávila
0 Helpful
Customers Also Viewed These Support Documents