Cisco Bug: CSCvs22200 - DLP health check timer need to reset when DLP server is deleted
Aug 25, 2020
- Cisco Web Security Appliance
Known Affected Releases
Symptom: When having External DLP servers integrated with WSA. and the connection is going down between the WSA and DLP. the WSA starts a probe process, which is following this pattern: (Marked Dead),10,20,40,80,160,400,640,1280,2560,5120,10240,20480,40960,40960 (seconds). then it starts occurring every 24 hours. the problem is when we have the connection fixed or the DLP server is up again, after couple of days. the DLP will remain marked dead until the next heartbeat. which can take 24 hours in worst case scenario as explained above. This is ok, the issue is even deleting the DLP server and adding it back again, will not reset the timer. the only solution is to restart the prox process by doing the command: diagnostic->proxy->kick. which needs to be done out of business hours to not impact the traffic. Conditions: having integration with external DLP server. having connection timeout to the DLP server for more than 24 hours.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.
Bug Details Include
- Full Description (including symptoms, conditions and workarounds)
- Known Fixed Releases
- Related Community Discussions
- Number of Related Support Cases