Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
578
Views
0
Helpful
1
Replies

ASA Scansafe cloud is down

craig bache
Level 1
Level 1

‎02-25-2014 08:44 AM - edited ‎03-11-2019 08:50 PM

Hi All

I am having an issue with the Scansafe proxies and these showing as unreachable but most of the time reachable, I don't change anything.

9.1(2)

Primary: Proxy411.scansafe.net (80.254.147.163) (UNREACHABLE) for last 3 hours 24 mins, tried to connect 193817 times

Backup: Proxy137.scansafe.net (80.254.152.99) (UNREACHABLE) for last 3 hours 21 mins, tried to connect 224595 times

ASA# debug scansafe 255

debug scansafe enabled at level 255

ASA#

Checking the scansafe L7 whitelist and redirect rules

Could not get the user details!

Could not get the username from the flow!

Redirecting packets

Scansafe cloud is down; switching to allow as default action!

Any help much appreciate..

Regards Craig

Labels:
0 Helpful
1 Reply 1

rick505d3
Level 1
Level 1

‎11-23-2016 05:11 PM

Hi Craig,

Did you manage to resolve this? I am having the same issue (and debug output) although using the latest software 9.6.(2)3 on ASA 5585x in a failover pair in multi-context mode. 

When I remove and reapply the scansafe config from "system" space, scansafe starts working for about 10 to 15 minutes; scansafe servers are reachable. Than "show scansafe servers" indicates both primary and backup servers are unreachable. Debug logs says scansafe cloud is down. Telnet to scansafe servers from inside the firewall on port 8080 works. Firewall config remains exactly the same in the working and not working scenarios. 

Scansafe does work on the same firewall on the old code release before upgrade 9.2(4)8. We are upgrading code to install Firepower modules in these firewalls.

Regards, 

Rick.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card