Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 

Steps to Deploy Virtual Web Security Appliance (vWSA)

Cisco Employee

Steps to Deploy Virtual Web Security Appliance (vWSA)

26 Comments
New Member

From where can we download the image for virtual WSA? Please share the link as well.

New Member

This is not available yet as it is still beta and will shortly be moving to FCS.  You will have to contact your cisco sales team.

Christian Rahl

Customer Support Engineer

Cisco Web Content Security Appliance

Cisco Technical Assistance Center RTP

New Member

does we get trail lice i want that for my study

New Member

You can download the vm from

http://inecert.com

New Member

Hello friends,

Instead of set up the date and time parameters through the command datetime, is there a way to point to an NTP server?

Regards!

Cisco Employee

Hi

Thanks! for the reviewing, yes we can configure an NTP server from the GUI (once the setup wizard ran):

From GUI:

System Administration > Time setting > Edit setting > "Use Network Time Protocol"  and configure the NTP servers.

 

Have a Great! day

Regards,

Zack

 

 

New Member

Thanks to you for your help Zack,

I will start to deploy a demo about this vWSA, and let me tell you that I am sure that you have helped a lot of people with this tutorial. I have another question, the license that we recevie via email (for demo), for how many users will it work?

Again, thank you so much for your support.

Regards!

Cisco Employee

Good Morning

Thanks! for the feedback we greatly appreciated it, it depends on the model but the demo and S100v model should support up to 1000 connections.

Please let me know if you have any other questions,

Thanks again for the feedback,

Regards

Zack

 

New Member

Hi Zack

I have a new issue, when I try to load the demo license either FTP or CLI. It sends me an error about the demo license is not available yet. I mean, when I paste the content of the XML file through the CLI and then I type the Ctrl + D sends me that error. Or when I type the command loadlicense, and then option 2, I type the license.xml and it still sends me that error. Could you please help me? It is a demo and we are competing against blue coat and other vendor.

Regards!

Cisco Employee

Hi

 

Thanks for reaching out, I have seen this error. Please set the clock on the vWSA to make sure it has the current date and times.  because their is a date in the license file.

from the CLI:

vWSA.com>settime

Current time Wed Aug 06 19:08:53 2014 GMT.
Please enter the time in MM/DD/YYYY HH:MM:SS format.

<enter the month,day....>

enter out and commit the change.

Please let me know if you still have an issue.

 

Regards,

Zack

 

 

 

 

 

New Member

Hi Zack,

Thanks for your answer, but I had already set the date and clock. What else could be the origin of this issue?

Regardas!

Cisco Employee

Sorry you are having trouble installing license, I was advise that some of the vWSA license were invalid, I would suggest to reach out the contact you got the license from and get another one quickly.  in addition you can also call Cisco TAC # 1 800 553 2447 and speak with the licensing team and they will provide you a "demo" license.

 

Regards,
Zack

 

New Member
Thanks, I will try. Wish me luck! Regards
New Member

Zac,

The issue did reside on the date. I started to read the content of XML file and the Begin date was an hour later, I changed the time on Ironport and I was able to load the license. Now I have another question. How can we now for how much users the demo license is? I downloaded a S000v, and the showlicense prompts the next result:

Unknown command: SHOWLICENSE
Please run System Setup Wizard at http://192.168.210.156:8080
ironport.example.com> showlicense

Virtual License
===============

vln                      VLNWSA38996279
begin_date               Wed Aug 06 16:14:51 2014 GMT
end_date                 Mon Sep 22 16:14:50 2014 GMT
company                  CONNEXT SOLUCIONES SA DE CV
seats                    1
country                  MX
serial                   65FC
email                    alexandro_delangel@connext.com.mx
issue                    1fc3c71bdeca4bb2ba2ec57756cd6314
license_version          1.1

 

Cisco Employee

Hi

I am glad you were able to load the license, you must need to run the setup Wizard and as for the number of users this should support few hundred users less than 1000, for the demo purpose and testing you be ok.

 

Please let me know if you have any other questions,

 

Regards,

Zack

 

New Member

Thanks for the info Zack,

I have already run the setup wizard, now what is next? It is the first time I configure a Web Security Appliance, would you have another tutorial for the active directory integration, explicit proxy configuration?

Regards!

Cisco Employee

Yes and they all reside here:

https://supportforums.cisco.com/community/5786/web-security?view=video#quicktabs-community_activity=3

 

Regards,

Zack

 

New Member

Hi Zack!

The issues about Attempting to fetch user information... and Attempting to fetch group information... in the Test, really are because of a bad Bin DN and a bad Password? Are there other origin of these errors?

Regards!

Checking DNS resolution of WSA hostname(s)...
Failure: Unable to resolve 'proxy.citrofrut.com' :
Unknown hostname


Checking DNS resolution of LDAP Server(s)...
Success: Resolved 'jfm0204.citronet.com' address: 192.168.210.69

Checking connectivity of LDAP Server(s)...
Success: Server 'jfm0204.citronet.com' responding to queries on port 389.

Checking the type of LDAP Server(s)...
Warning: The server 'jfm0204.citronet.com' is an Active directory server and is configured on port 389.Consider using the global catalog server on port 3268 instead.

Checking if Referrals are enabled...
Success: Referral option is disabled.

Attempting to fetch user information...
Failure: Queries to server 'jfm0204.citronet.com' on port 389 failed :
Invalid Computer Account (AD realm) or Bind DN or Password (LDAP realm)


Attempting to fetch group information...
Failure: Queries to server 'jfm0204.citronet.com' on port 389 failed :
Invalid Computer Account (AD realm) or Bind DN or Password (LDAP realm)


Test completed: Errors occurred, see details above.

 

Cisco Employee

Please go ahead and create a Cisco TAC case our support team can help you, 

1 800 553 2447

 

Regards

Zack

 

 

New Member

Hi Zack,

 

Great Video - I'm still not clear on how a license is obtained for this.  Went to cisco.com/go/license - get other licenses - email/web security - get activation codes for iron port product tc - it asks for a source serial # / virtual device #.  what are those - where do i find them?

Cisco Employee

Hi 

Thanks for the feedback, enclosed are the steps:

How Existing Customers get their WSAV Licenses

1.    Go to www.cisco.com/go/License

2.    Log in with CCO ID.

3.    Click on Get New at the top.  Select License for Email & Web Security Appliance from the dropdown menu.

4.    A page for requesting an activation code to get the license appears.  Under Product, select SW Bundles (if you have an existing SW bundle) or TC (if you have a single a la carte feature).

5.    Source Serial Number – Enter an existing WSA Serial Number here.

6.    Select Destination Appliance Type – Select Virtual.

7.    Leave Target SN / Virtual Device Identifier blank.

8.    Send to – Enter email address for activation code to be sent to.

9.    Click on Request Code.

10.Once the code is emailed, repeat Steps 1-3.  Select Use Activation Codes & hit Next

11.Select the Web Security software SKUs that should embedded on the virtual license.  Hit Next.

12.Enter in the email address for the Virtual WSA license to be sent to.  Click on Get License.

13.You should receive a Processing Request popup.  Once it is processed you will see a confirmation.  The key will be sent within 3 hours.

PS. if you currently do not have WSA appliance, please call in TAC HOT line and speak to License Team and they will provide an Evaluation license.  TAC # United States: 1 800 553 2447

 

Regards,

Zack

 

 

New Member

Thank you so much for your video, i have a doubt, exist smarnet for Virtual appliance????

Cisco Employee

Hi Carlos

Thank you! for the comment, if you have a physical appliance you may want to reach out to your Cisco Account team, they will be able to provide ALL the detailed around the coverage,  but as long as you have the physical WSA *should be cover"

 

Regards,

Zack

 

New Member

Hi Shaikh,

Why, when i am running the System Setup Wizard by GUI, i receive a Mssg just with the "Reset Configuration" option???

Thks,

JS

New Member

Buen día,

 

Puedo compartir mi licencia del appliance físico para el vWSA? o hay que comprar las licencias de WSA virtual para que los dos queden activos y poder realizar balanceo de carga. 

New Member

Good day,

 

Can I share my physical appliance license for vWSA? or you have to buy virtual WSA licenses so that both of you remain active and can perform load balancing.

5941
Views
6
Helpful
26
Comments