Cisco ASA Series Configuration Manual page 143
Firewall cli, asa services module, and the adaptive security virtual appliance
Hide thumbs
Also See for ASA Series:
- Cli configuration manual (2164 pages) ,
- Getting started (31 pages) ,
- Mount and connect (12 pages)
Table of Contents
Advertisement
Chapter 8
ASA and Cisco Cloud Web Security
hostname(config)# scansafe general-options
Configure the primary and secondary Cloud Web Security proxy servers.
Step 2
server primary {ip ip_address | fqdn fqdn} [port port]
server backup {ip ip_address | fqdn fqdn} [port port]
Example
hostname(cfg-scansafe)# server primary ip 192.168.43.10
hostname(cfg-scansafe)# server backup fqdn server.example.com
When you subscribe to the Cisco Cloud Web Security service, you are assigned primary and backup
Cloud Web Security proxy servers. Enter their IP addresses (ip), or fully-qualified domain names (fqdn),
on these commands.
By default, the Cloud Web Security proxy server uses port 8080 for both HTTP and HTTPS traffic; do
not change this value unless directed to do so.
Step 3
(Optional.) Configure the number of consecutive polling failures to the Cloud Web Security proxy server
before determining the server is unreachable.
retry-count value
Example
hostname(cfg-scansafe)# retry-count 2
Polls are performed every 30 seconds. Valid values are from 2 to 100, and the default is 5.
Step 4
Configure the authentication key that the ASA sends to the Cloud Web Security proxy servers to indicate
from which organization the request comes.
license hex_key
Example
hostname(cfg-scansafe)# license F12A588FE5A0A4AE86C10D222FC658F3
The authentication key is a 16-byte hexidecimal number. It can be a company or group key.
(Multiple context mode only.) Switch to each context where you want to use the service and enable it.
Step 5
scansafe [license hex_key]
Example
hostname(config)# changeto context one
hostname/one(config)# scansafe
You can optionally enter a separate authentication key for each context. If you do not include an
authentication key, the one configured for the system context is used.
Examples
The following example configures a primary and backup server:
scansafe general-options
server primary ip 10.24.0.62 port 8080
server backup ip 10.10.0.7 port 8080
retry-count 7
license 366C1D3F5CE67D33D3E9ACEC265261E5
Configure Cisco Cloud Web Security
Cisco ASA Series Firewall CLI Configuration Guide
8-7
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
