Re: [OSL | CCIE_Security] vWSA New interface

[Mike Rojas]

I'm gonna claim ignorance here. I just load the whole config file. I am 
assuming yes. 

Date: Thu, 11 Jul 2013 19:20:20 -0700
From: auranpr...@gmail.com
To: mike_c...@hotmail.com
CC: ccie_security@onlinestudylist.com; pio...@ipexpert.com
Subject: RE: [OSL | CCIE_Security] vWSA New interface

Well. When you first restored the backup, did you try initializing it with the 
old certificate?—
Sent from Mailbox for iPhone

On Thu, Jul 11, 2013 at 11:16 PM, Mike Rojas <mike_c...@hotmail.com> wrote:

I did, and I removed everything that said Certificate on the config. However, I 
dont know how the heck it says that encryption validation failed and it 
reference the old certificate. 
The certificate is not even in the config, it was a self signed. 

Mike 

Subject: Re: [OSL | CCIE_Security] vWSA New interface
From: auranpr...@gmail.com
Date: Thu, 11 Jul 2013 23:04:06 -0300
CC: pio...@ipexpert.com; ccie_security@onlinestudylist.com
To: mike_c...@hotmail.com

Well, that`s different then. What I guess that could`ve happened is that when 
you imported the config file it came along with the certificate used by the old 
Ironport or at least with the pointers. Did you check that?
BR,Bruno Silva.
Em 11/07/2013, às 22:58, Mike Rojas <mike_c...@hotmail.com> escreveu:Hi Bruno; 

I had to install it from scratch, I did not find a way to add another interface 
to the VM. So I backed up the file, installed the WSA from scratch and tried to 
upload the config, then I got the error.

No go. 

Mike.

Date: Thu, 11 Jul 2013 22:53:05 -0300
Subject: Re: [OSL | CCIE_Security] vWSA New interface
From: auranpr...@gmail.com
To: mike_c...@hotmail.com
CC: pio...@ipexpert.com; ccie_security@onlinestudylist.com

Hi Mike,
I may be wrong but, did you install the ironport from scratch or did you just 
added the new interface on the ironport?
I ask that because last time I got this error was because I added a new 
interface and for some reason that I cannot understand, even talked to cisco 
which wasn`t much of a help, the ironport tried to use this interface in the 
certificate for the management connection. So the certificate could not be 
valid because it was previously generated in the first initialization so it got 
corrupted...It happened to me 2 times, both times when I added the interface. 
Don`t know why it tries to validate the integrity of the certificate using the 
new interface instead of the old ones.
Hope it helps.BR,Bruno Silva.

2013/7/11 Mike Rojas <mike_c...@hotmail.com>
Hi Piotr and Team. 

So, I installed the WSA but when I try to load the config I get: 

Configuration File was not loaded. Parse Error on element "https_certificate" 
line number 154 column 22: Error in certificate validation: Configuration 
includes an unparseable signing certificate. Verify that it has not been 
modified.

This is very critical, because If I dont get to load the config, I may have to 
re-do the whole lab and that is something I truly want to avoid. 

Any thoughts? 

Mike 

From: mike_c...@hotmail.com
Date: Wed, 10 Jul 2013 09:33:59 -0600
To: pio...@ipexpert.com
CC: ccie_security@onlinestudylist.com
Subject: Re: [OSL | CCIE_Security] vWSA New interface


Hey Piotr;
When I first installed the WSA, I only Added 3 interfaces (its a vWSA), so when 
I go to interfaces, i only see the M1, p1 and p2. I dont see any T Interfaces. 
I was wondering if there is a way to add another interface or do I have to 
re-install the WSA and add the needed interface. 
Sent from my iPhone
On Jul 10, 2013, at 3:23 AM, "Piotr Kaluzny" <pio...@ipexpert.com> wrote:

Mike

Not sure if this is what you are asking for but you can use "interfaceconfig" 
to add P1/P2 to the mix. 

If you want to use L4TM just go under Network -> Interfaces; port should be 
already activated. To modify physical settings for any port, including T1/T2, 
use "etherconfig".

Regards,--Piotr KaluznyCCIE #25665 (Security), CCSP, CCNPSr. Technical 
Instructor - IPexpert, Inc.URL: http://www.IPexpert.com

On Wed, Jul 10, 2013 at 2:56 AM, Mike Rojas<mike_c...@hotmail.com> wrote:
Hi, 

Is it possible to add a new interface on a already installed WSA? I need to add 
a T1 interface for the final part of the lab.

Mike. 

_______________________________________________
For more information regarding industry leading CCIE Lab training, please 
visitwww.ipexpert.com

Are you a CCNP or CCIE and looking for a job? Check outwww.PlatinumPlacement.com


_______________________________________________ For more information regarding 
industry leading CCIE Lab training, please visit www.ipexpert.com Are you a 
CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com
_______________________________________________
For more information regarding industry leading CCIE Lab training, please visit 
www.ipexpert.com

Are you a CCNP or CCIE and looking for a job? Check outwww.PlatinumPlacement.com


-- 
Bruno Silva
Network Consultant
Cisco CCNA/CCDA/CCNP/CCDP/CCSP Certified
Arcsight Professional Certified - ACIA/ACSA
                                          
                                          
_______________________________________________
For more information regarding industry leading CCIE Lab training, please visit 
www.ipexpert.com

Are you a CCNP or CCIE and looking for a job? Check out 
www.PlatinumPlacement.com