SDA having issues syncing over Meraki VPN with AMP Protection on
Answers (3)
Top Answer
I would say take a look at this article that I posted some time ago. Don't know if it might be helpful.
Comments:
- That did it. After whitelisting event 128:1 on the Meraki Threat Protection, the SDA and RSA can sync. - JordanNolan 2 years ago
As usual: if you block the communication, systems cannot communicate.
You need to decide: do you want to use the communication or do you want them to not communicate?
Review this article about the needed ports: https://support.quest.com/kb/129799
(Most of them are between the SDA (or RSA) and the clients, but especially ports 22 and 8108 are needed between the SDA and the RSA.)
Comments:
- Nobody should ever have to decide to disable an entire component of their security because one device is having an issue. We need the setup to block viruses and malware.
We SSH between devices over the WAN and connect to various ports all the time. We are trying to find out why the SDA is the only item we have that seems to have an issue. - JordanNolan 2 years ago
- I agree that you should not disable "security devices" (which think for the users), but the error 10 is an ssh error code, which shows that a few options are not given (port closed as the usual one, but also wrongly configured DPI is possible) - Nico_K 2 years ago
Error 10 means that it is not able to contact the Rsync server.
I think "Connection refused" was the string associated with it.
You might want to go to Settings > Appliance Logs > Download all logs.
Untar the tarball file, and check the /kbox/remote/ folder, there is a Sync_Error_XX log file there, where XX is your RSA's ID (look at the URL when you are at the RSA's Detail page from the SDA).
That log is filled by the RSync over SSH routine; it might give you more data.