[MFC] Error Importing logs using SCP - "Error while downloading file. The remote host has terminated the connection"
In order to transfer logs to MFC, we had to use an intermediate logging server in our OOB network. When this logging server crashed we had to rebuild the server with new hardware and SCP no longer worked.
The host key changed on the new server and had to be manually updated. We suspected it was related to the hosts key but had difficulty finding where the known hosts info was stored.
Go to your install location of MFC and remove the known_hosts file. In our case the file was located at: "D:\Program Files\IronPort Systems\Mail Flow Central\mailFC\tmp\known_hosts". Instead of removing the file, we renamed it to known_hosts.old and restarted the MFC service. Afterwards we could see all the old logs importing.
The issue itself was not difficult to resolve, it just took more time than expected for something that would seem straightforward. To complicate things, we even raised a query to customercare who came back saying that they do not support the server on which MFC is running. But clearly the source of the issue was related to the application rather than the server itself.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...