How to resolve NSM error "Acquisition Failed, unexpected response status code 403"?
06/24/2021 5 930
In this article, we explained how to resolve the NSM error "Acquisition Failed, the unexpected response status code 403" and change the unit status online.
This issue is noticed in NSM while adding few Gen 7 firewalls (Any Gen 7 firewall with Gen 6 firewall settings imported in it).
Reason for the Issue:
The Gen 6 devices don't have SonicOS API, so the settings import from any Gen 6 to Gen 7 devices will disable SonicOS API. This is the cause for the unit acquisition failure with an error as "Acquisition Failed, the unexpected response status code 403" in NSM.
NOTE: Even though the Gen 7 management UI shows the SonicOS API is enabled, we need to check the actual SonicOS API status in Tech Support Report (TSR).
How to find the SonicOS API is enabled or Disabled?
Download Tech Support Report (TSR) from Gen 7 unit which failed with 403 error. And search for "SonicOS API" and it will show that option is enabled or disabled as below
In this example, it is turned off. This is the reason for the error while acquiring the unit in NSM.
How to enable SonicOS API?
Login to firewall management via CLI using SSH or Console access.
Enable SonicOS API using the below commands
Example of the above commands are shown in the below picture
Please verify TSR again to make sure SonicOS API enabled as shown in the below picture
NOTE: Please make sure under SonicOS API, "RFC-7616 HTTP Digest Access authentication" is also enabled as show in the below picture.
Now the unit will show online in NSM as below