Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 

Troubleshooting Ironport

 

Introduction

This document describes multiple scenarios to troubleshoot Iron-Port.

Scenario 1

Problem:
User wants to implement a scenario where "External spam quarantine could accommodate SSO login, if they are tied with AD?" 

Prerequisites:

  • IronPort SMA
  • Internet browser

Solution:

Accessing the Quarantine via the Quarantine URL
 
If LDAP Authentication is configured, then the users with AD user-name and password get them into the quarantine. There is no SAML SSO integration at this time.
 

Accessing the quarantine via the Notification Digest
When the user clinks on the link of a notification email, the URL has an auth token in it which authenticates the user to the quarantine. No pop-up login required.
 

Scenario 2

Problem:

User wishes to backup a Virtual email appliance and restore the configuration on a physical appliance?
Prerequisites:
  • Virtual Iron-port email machine (vESA)
  • physical Iron-port email machine (ESA)

Solution:

As long as the version of AsyncOS matches between the vESA and the ESA.  You may need to make modifications to the XML itself for the "ethernet_settings" - as the <ports>, <ethernet_settings>, and <cpq_enabled> tagging in the XML will be different for the vESA vs. ESA configuration.

 
To work around this: 

Simply SAVE the ESA configuration to your local desktop, and save the vESA configuration as well. Open side-by-side, I would recommend using Notepad++ (PC) or Atom/Sublime (OSX) to edit the XML.  

Copy the <ports> through </ports>, <ethernet_settings> through </ethernet_settings>, and <cpq_enabled> </cpq_enabled> lines of the ESA configuration, and place them in the vESA configuration.  

Save the vESA configuration as "new_virtual_configuration" - and use this when loading on the ESA. Since you are manually editing the XML - be sure to also edit the IP and host-name values to be the needed values needed for the ESA.

 
You'll see the success message:
 
Success — Configuration file was loaded. Changes will not take effect until you Commit.
 
Please review network settings before committing the changes.
Commit the changes - and your ESA will now have the vESA configuration.
 

Source Discussion

Version history
Revision #:
2 of 2
Last update:
‎08-29-2017 03:42 AM
Updated by:
 
Labels (1)
Contributors