Re: Firewall Migration Tool 7.0.0.1-11241

kamensky@kronovision.sk · ‎10-01-2024

Hello community,

we are trying to test FMT in our environment and up to now we have experienced very strange behaviour.

Yesterday all worked OK, I was able to login up to a point where I had to connect this tool to FMC.

Since we needed some time to prepare test FMC we have tried to login again today and now its no more possible.

When pop up window is opened we get just error with following link:

localhost:8888/api/callback?state=NPZY556BC8HEK2C18FHY&error=access_denied&error_description=Policy+evaluation+failed+for+this+request%2C+please+check+the+policy+configurations.

Can you please help me on how to proceed here?

Thank you!

daynagar · ‎10-01-2024

Hi Kamensky,

I can see an access denied error.

Please try to relaunch the FMT and share the logs so we can narrow down the issue.

kamensky@kronovision.sk · ‎10-01-2024

Hello,

below logs that were generated.

2024-10-01 19:59:35,768 [INFO | settings.py] > Configuring telemetry data file path at [C:\Users\xxx\Downloads\resources\telemetry_data\telemetry.json]
2024-10-01 19:59:35,770 [INFO | settings.py] > Configuring unparsed data file path at [C:\Users\xxx\Downloads\unparsed.txt]
2024-10-01 19:59:35,772 [INFO | settings.py] > Configuring unparsed xml file path at [C:\Users\xxx\Downloads\unparsed.xml]
2024-10-01 19:59:36,279 [DEBUG | common.py] > session table records count:1
2024-10-01 19:59:36,284 [DEBUG | common.py] > session table records count:1
2024-10-01 19:59:36,305 [INFO | __init__.py] > Initializing...
2024-10-01 19:59:36,354 [INFO | __init__.py] > Initializing...
2024-10-01 19:59:37,389 [INFO | config.py] > Loading settings
2024-10-01 19:59:37,390 [INFO | client.py] > Getting ssl context for oauth server
2024-10-01 19:59:37,415 [INFO | tools.py] > Not verifying ssl certificates
2024-10-01 19:59:37,417 [INFO | client.py] > No discovery url configured, all endpoints needs to be configured manually
2024-10-01 19:59:37,490 [INFO | settings.py] > Disabled console quick edit mode
2024-10-01 19:59:37,493 [DEBUG | common.py] > session table records count:1
2024-10-01 19:59:37,496 [INFO | common.py] > Using port: 8888
2024-10-01 19:59:37,930 [INFO | run.py] > >>>>> Starting server at http://localhost:8888 <<<<<

Not saying much though.

daynagar · ‎10-01-2024

It indicates that you are facing an issue launching the FMT & I have verified the tool and observed no problems with FMT.

Please try accessing the tool via the Chrome browser and keep me posted.

Platform Requirements for the Secure Firewall Migration Tool

The Secure Firewall migration tool has the following infrastructure and platform requirements:

Runs on a Microsoft Windows 10 64-bit operating system or on a macOS version 10.13 or higher
Has Google Chrome as the system default browser
(Windows) Has Sleep settings configured in Power & Sleep to Never put the PC to Sleep, so the system does not go to sleep during a large migration push
(macOS) Has Energy Saver settings configured so that the computer and the hard disk do not go to sleep during a large migration push

alfonso-lopez · ‎02-20-2025

i have same problem, but, I have applied that solution but dont work, this is my log message

2025-02-20 10:53:23,697 [INFO | settings.py] > Bundle directory created: C:\Migration tool\temp_dir\bundle
2025-02-20 10:53:23,698 [INFO | settings.py] > Configuring telemetry data file path at [C:\Migration tool\resources\telemetry_data\telemetry.json]
2025-02-20 10:53:23,699 [INFO | settings.py] > Configuring unparsed data file path at [C:\Migration tool\unparsed.txt]
2025-02-20 10:53:23,701 [INFO | settings.py] > Configuring unparsed xml file path at [C:\Migration tool\unparsed.xml]
2025-02-20 10:53:24,067 [DEBUG | common.py] > session table records count:0
2025-02-20 10:53:24,080 [DEBUG | common.py] > session table records count:1
2025-02-20 10:53:24,100 [INFO | __init__.py] > Initializing...
2025-02-20 10:53:24,105 [INFO | settings.py] > Settings:[global_suffix]
2025-02-20 10:53:24,343 [INFO | tool_version.py] > ToolVersion:[7712208]
2025-02-20 10:53:24,382 [INFO | __init__.py] > Initializing...
2025-02-20 10:53:25,189 [INFO | config.py] > Loading settings
2025-02-20 10:53:25,190 [INFO | client.py] > Getting ssl context for oauth server
2025-02-20 10:53:25,226 [INFO | tools.py] > Not verifying ssl certificates
2025-02-20 10:53:25,227 [INFO | client.py] > No discovery url configured, all endpoints needs to be configured manually
2025-02-20 10:53:25,284 [INFO | settings.py] > Disabled console quick edit mode
2025-02-20 10:53:25,287 [DEBUG | common.py] > session table records count:1
2025-02-20 10:53:25,289 [INFO | common.py] > Using port: 8888
2025-02-20 10:53:25,760 [INFO | run.py] > >>>>> Starting server at http://localhost:8888 <<<<<
2025-02-20 10:53:27,150 [INFO | cco_login.py] > EULA check for an user
2025-02-20 10:53:32,154 [DEBUG | common.py] > session table records count:1
2025-02-20 10:53:32,178 [INFO | cco_login.py] > EULA check for an user
2025-02-20 10:53:35,811 [INFO | cco_login.py] > EULA Agreement for an user
2025-02-20 10:53:35,814 [DEBUG | common.py] > session table records count:1
2025-02-20 10:53:37,182 [DEBUG | common.py] > session table records count:1
2025-02-20 10:53:37,185 [INFO | common.py] > proxies : {}
2025-02-20 10:53:37,968 [INFO | common.py] > Telemetry push : Able to connect to SSE Cloud server : https://sign-on.security.cisco.com
2025-02-20 10:53:38,274 [INFO | cco_login.py] > EULA check for an user
2025-02-20 10:53:43,277 [DEBUG | common.py] > session table records count:1
2025-02-20 10:53:43,281 [INFO | common.py] > proxies : {}
2025-02-20 10:53:43,951 [INFO | common.py] > Telemetry push : Able to connect to SSE Cloud server : https://sign-on.security.cisco.com
2025-02-20 10:53:44,256 [INFO | cco_login.py] > EULA check for an user
2025-02-20 10:53:49,259 [DEBUG | common.py] > session table records count:1
2025-02-20 10:53:49,262 [INFO | common.py] > proxies : {}
2025-02-20 10:53:49,957 [INFO | common.py] > Telemetry push : Able to connect to SSE Cloud server : https://sign-on.security.cisco.com
2025-02-20 10:53:50,264 [DEBUG | common.py] > session table records count:1
2025-02-20 10:53:50,267 [INFO | cco_login.py] > CCO login of a telemetry opted user
2025-02-20 10:53:50,268 [INFO | config.py] > Loading settings
2025-02-20 10:53:50,269 [INFO | client.py] > Getting ssl context for oauth server
2025-02-20 10:53:50,301 [INFO | tools.py] > Not verifying ssl certificates
2025-02-20 10:53:50,303 [INFO | client.py] > No discovery url configured, all endpoints needs to be configured manually
2025-02-20 10:53:50,305 [INFO | client.py] > Redirect to federation service https://sign-on.security.cisco.com/oauth2/aus6twwl4uu27SxzO357/v1/authorize?scope=openid&response_type=code&client_id=0oa6twy8fx0bfyzrS357&state=7QVQIF8YPSSAWOWLLI1M&code_challenge=6tGj_3dppzNYTJZSANuyQiPaXkEuDMNudF_GVsG1nLk&code_challenge_method=S25...
2025-02-20 10:54:29,424 [INFO | cco_login.py] > Call back of an user to a particular screen in tool flow
2025-02-20 10:54:29,426 [INFO | config.py] > Loading settings
2025-02-20 10:54:29,428 [INFO | client.py] > Getting ssl context for oauth server
2025-02-20 10:54:29,460 [INFO | tools.py] > Not verifying ssl certificates
2025-02-20 10:54:29,462 [INFO | client.py] > No discovery url configured, all endpoints needs to be configured manually
2025-02-20 10:54:29,463 [INFO | validator.py] > Getting ssl context for jwks_uri
2025-02-20 10:54:29,495 [INFO | tools.py] > Not verifying ssl certificates
2025-02-20 10:54:29,497 [INFO | validator.py] > proxies : {}
2025-02-20 10:54:30,182 [INFO | cco_login.py] > No code in response
2025-02-20 10:54:30,184 [INFO | cco_login.py] > None
2025-02-20 10:54:48,034 [INFO | cco_login.py] > Call back of an user to a particular screen in tool flow
2025-02-20 10:54:48,036 [INFO | config.py] > Loading settings
2025-02-20 10:54:48,037 [INFO | client.py] > Getting ssl context for oauth server
2025-02-20 10:54:48,070 [INFO | tools.py] > Not verifying ssl certificates
2025-02-20 10:54:48,072 [INFO | client.py] > No discovery url configured, all endpoints needs to be configured manually
2025-02-20 10:54:48,073 [INFO | validator.py] > Getting ssl context for jwks_uri
2025-02-20 10:54:48,105 [INFO | tools.py] > Not verifying ssl certificates
2025-02-20 10:54:48,106 [INFO | validator.py] > proxies : {}
2025-02-20 10:54:48,872 [INFO | cco_login.py] > No code in response
2025-02-20 10:54:48,874 [INFO | cco_login.py] > None
2025-02-20 10:54:53,319 [INFO | cco_login.py] > EULA login for an user
2025-02-20 10:54:53,322 [INFO | config.py] > Loading settings
2025-02-20 10:54:53,323 [INFO | cco_login.py] > Either JWT token is expired or Failed to generate token
2025-02-20 10:54:58,139 [DEBUG | common.py] > session table records count:1
2025-02-20 10:54:58,142 [INFO | cco_login.py] > CCO login of a telemetry opted user
2025-02-20 10:54:58,143 [INFO | config.py] > Loading settings
2025-02-20 10:54:58,144 [INFO | client.py] > Getting ssl context for oauth server
2025-02-20 10:54:58,175 [INFO | tools.py] > Not verifying ssl certificates
2025-02-20 10:54:58,177 [INFO | client.py] > No discovery url configured, all endpoints needs to be configured manually
2025-02-20 10:54:58,179 [INFO | client.py] > Redirect to federation service https://sign-on.security.cisco.com/oauth2/aus6twwl4uu27SxzO357/v1/authorize?scope=openid&response_type=code&client_id=0oa6twy8fx0bfyzrS357&state=001UMTIRM9BFFB2FSERM&code_challenge=fCe1gG57qk2JhiF11zJdqGuVeXFhIldl32XKgjzt144&code_challenge_method=S25...
2025-02-20 10:54:59,297 [INFO | cco_login.py] > Call back of an user to a particular screen in tool flow
2025-02-20 10:54:59,298 [INFO | config.py] > Loading settings
2025-02-20 10:54:59,299 [INFO | client.py] > Getting ssl context for oauth server
2025-02-20 10:54:59,330 [INFO | tools.py] > Not verifying ssl certificates
2025-02-20 10:54:59,332 [INFO | client.py] > No discovery url configured, all endpoints needs to be configured manually
2025-02-20 10:54:59,334 [INFO | validator.py] > Getting ssl context for jwks_uri
2025-02-20 10:54:59,364 [INFO | tools.py] > Not verifying ssl certificates
2025-02-20 10:54:59,366 [INFO | validator.py] > proxies : {}
2025-02-20 10:55:00,025 [INFO | cco_login.py] > No code in response
2025-02-20 10:55:00,027 [INFO | cco_login.py] > None
2025-02-20 10:55:02,192 [INFO | cco_login.py] > EULA login for an user
2025-02-20 10:55:02,195 [INFO | config.py] > Loading settings
2025-02-20 10:55:02,196 [INFO | cco_login.py] > Either JWT token is expired or Failed to generate token
2025-02-20 10:55:06,214 [DEBUG | common.py] > session table records count:1
2025-02-20 10:55:06,217 [INFO | cco_login.py] > CCO login of a telemetry opted user
2025-02-20 10:55:06,219 [INFO | config.py] > Loading settings
2025-02-20 10:55:06,221 [INFO | client.py] > Getting ssl context for oauth server
2025-02-20 10:55:06,253 [INFO | tools.py] > Not verifying ssl certificates
2025-02-20 10:55:06,255 [INFO | client.py] > No discovery url configured, all endpoints needs to be configured manually
2025-02-20 10:55:06,257 [INFO | client.py] > Redirect to federation service https://sign-on.security.cisco.com/oauth2/aus6twwl4uu27SxzO357/v1/authorize?scope=openid&response_type=code&client_id=0oa6twy8fx0bfyzrS357&state=IGCHT6A4CBKZHKRJU075&code_challenge=Qpxp2DXNPA98Ra2n_l8ulMCTTERl8agFW4uKWMmWKWI&code_challenge_method=S25...
2025-02-20 10:55:06,563 [INFO | cco_login.py] > Call back of an user to a particular screen in tool flow
2025-02-20 10:55:06,564 [INFO | config.py] > Loading settings
2025-02-20 10:55:06,565 [INFO | client.py] > Getting ssl context for oauth server
2025-02-20 10:55:06,596 [INFO | tools.py] > Not verifying ssl certificates
2025-02-20 10:55:06,597 [INFO | client.py] > No discovery url configured, all endpoints needs to be configured manually
2025-02-20 10:55:06,599 [INFO | validator.py] > Getting ssl context for jwks_uri
2025-02-20 10:55:06,630 [INFO | tools.py] > Not verifying ssl certificates
2025-02-20 10:55:06,632 [INFO | validator.py] > proxies : {}
2025-02-20 10:55:07,307 [INFO | cco_login.py] > No code in response
2025-02-20 10:55:07,309 [INFO | cco_login.py] > None
2025-02-20 10:55:13,573 [INFO | cco_login.py] > EULA login for an user
2025-02-20 10:55:13,577 [INFO | config.py] > Loading settings
2025-02-20 10:55:13,578 [INFO | cco_login.py] > Either JWT token is expired or Failed to generate token
2025-02-20 10:55:14,672 [DEBUG | common.py] > session table records count:1
2025-02-20 10:55:14,674 [INFO | cco_login.py] > CCO login of a telemetry opted user
2025-02-20 10:55:14,675 [INFO | config.py] > Loading settings
2025-02-20 10:55:14,676 [INFO | client.py] > Getting ssl context for oauth server
2025-02-20 10:55:14,707 [INFO | tools.py] > Not verifying ssl certificates
2025-02-20 10:55:14,708 [INFO | client.py] > No discovery url configured, all endpoints needs to be configured manually
2025-02-20 10:55:14,710 [INFO | client.py] > Redirect to federation service https://sign-on.security.cisco.com/oauth2/aus6twwl4uu27SxzO357/v1/authorize?scope=openid&response_type=code&client_id=0oa6twy8fx0bfyzrS357&state=2RE33PLA98AQPU6TWM55&code_challenge=2N6_G_MiAhAFWW5634Z4Mz2NofLF8Kq6CdIoK3DNk2c&code_challenge_method=S25...
2025-02-20 10:55:15,343 [INFO | cco_login.py] > Call back of an user to a particular screen in tool flow
2025-02-20 10:55:15,346 [INFO | config.py] > Loading settings
2025-02-20 10:55:15,348 [INFO | client.py] > Getting ssl context for oauth server
2025-02-20 10:55:15,381 [INFO | tools.py] > Not verifying ssl certificates
2025-02-20 10:55:15,382 [INFO | client.py] > No discovery url configured, all endpoints needs to be configured manually
2025-02-20 10:55:15,383 [INFO | validator.py] > Getting ssl context for jwks_uri
2025-02-20 10:55:15,414 [INFO | tools.py] > Not verifying ssl certificates
2025-02-20 10:55:15,416 [INFO | validator.py] > proxies : {}
2025-02-20 10:55:16,078 [INFO | cco_login.py] > No code in response
2025-02-20 10:55:16,081 [INFO | cco_login.py] > None
2025-02-20 10:55:17,723 [INFO | cco_login.py] > EULA login for an user
2025-02-20 10:55:17,725 [INFO | config.py] > Loading settings
2025-02-20 10:55:17,726 [INFO | cco_login.py] > Either JWT token is expired or Failed to generate token
2025-02-20 10:55:43,416 [INFO | cco_login.py] > EULA check for an user
2025-02-20 10:55:48,419 [DEBUG | common.py] > session table records count:1
2025-02-20 10:55:48,424 [INFO | common.py] > proxies : {}
2025-02-20 10:55:49,163 [INFO | common.py] > Telemetry push : Able to connect to SSE Cloud server : https://sign-on.security.cisco.com
2025-02-20 10:55:49,173 [DEBUG | common.py] > session table records count:1
2025-02-20 10:55:49,175 [INFO | cco_login.py] > CCO login of a telemetry opted user
2025-02-20 10:55:49,176 [INFO | config.py] > Loading settings
2025-02-20 10:55:49,176 [INFO | client.py] > Getting ssl context for oauth server
2025-02-20 10:55:49,208 [INFO | tools.py] > Not verifying ssl certificates
2025-02-20 10:55:49,210 [INFO | client.py] > No discovery url configured, all endpoints needs to be configured manually
2025-02-20 10:55:49,211 [INFO | client.py] > Redirect to federation service https://sign-on.security.cisco.com/oauth2/aus6twwl4uu27SxzO357/v1/authorize?scope=openid&response_type=code&client_id=0oa6twy8fx0bfyzrS357&state=3SSE0YGJ77WCZ6I6TV7C&code_challenge=DOIZNJ4G641sWjPVvOqKW9AMAwHVW-LFEIA7LntQmVQ&code_challenge_method=S25...
2025-02-20 10:56:22,985 [INFO | cco_login.py] > Call back of an user to a particular screen in tool flow
2025-02-20 10:56:22,987 [INFO | config.py] > Loading settings
2025-02-20 10:56:22,989 [INFO | client.py] > Getting ssl context for oauth server
2025-02-20 10:56:23,021 [INFO | tools.py] > Not verifying ssl certificates
2025-02-20 10:56:23,023 [INFO | client.py] > No discovery url configured, all endpoints needs to be configured manually
2025-02-20 10:56:23,024 [INFO | validator.py] > Getting ssl context for jwks_uri
2025-02-20 10:56:23,056 [INFO | tools.py] > Not verifying ssl certificates
2025-02-20 10:56:23,058 [INFO | validator.py] > proxies : {}
2025-02-20 10:56:23,726 [INFO | cco_login.py] > No code in response
2025-02-20 10:56:23,729 [INFO | cco_login.py] > None
2025-02-20 10:56:27,226 [INFO | cco_login.py] > EULA login for an user
2025-02-20 10:56:27,229 [INFO | config.py] > Loading settings
2025-02-20 10:56:27,231 [INFO | cco_login.py] > Either JWT token is expired or Failed to generate token
2025-02-20 10:56:31,658 [DEBUG | common.py] > session table records count:1
2025-02-20 10:56:31,661 [INFO | cco_login.py] > CCO login of a telemetry opted user
2025-02-20 10:56:31,662 [INFO | config.py] > Loading settings
2025-02-20 10:56:31,662 [INFO | client.py] > Getting ssl context for oauth server
2025-02-20 10:56:31,693 [INFO | tools.py] > Not verifying ssl certificates
2025-02-20 10:56:31,694 [INFO | client.py] > No discovery url configured, all endpoints needs to be configured manually
2025-02-20 10:56:31,696 [INFO | client.py] > Redirect to federation service https://sign-on.security.cisco.com/oauth2/aus6twwl4uu27SxzO357/v1/authorize?scope=openid&response_type=code&client_id=0oa6twy8fx0bfyzrS357&state=YJV26Y88UUBJDFUZMC9R&code_challenge=JNOjsmjn60QsmiF1DEZQbDzToDFIvq7elFlUWmtAQBM&code_challenge_method=S25...
2025-02-20 10:56:32,209 [INFO | cco_login.py] > Call back of an user to a particular screen in tool flow
2025-02-20 10:56:32,211 [INFO | config.py] > Loading settings
2025-02-20 10:56:32,213 [INFO | client.py] > Getting ssl context for oauth server
2025-02-20 10:56:32,244 [INFO | tools.py] > Not verifying ssl certificates
2025-02-20 10:56:32,246 [INFO | client.py] > No discovery url configured, all endpoints needs to be configured manually
2025-02-20 10:56:32,248 [INFO | validator.py] > Getting ssl context for jwks_uri
2025-02-20 10:56:32,279 [INFO | tools.py] > Not verifying ssl certificates
2025-02-20 10:56:32,281 [INFO | validator.py] > proxies : {}
2025-02-20 10:56:32,906 [INFO | cco_login.py] > No code in response
2025-02-20 10:56:32,908 [INFO | cco_login.py] > None
2025-02-20 10:56:41,685 [DEBUG | system_check.py] > Unable to complete process: [WinError 32] The process cannot access the file because it is being used by another process: 'C:\\Migration tool\\ftd_migration.sqlite'
2025-02-20 10:56:41,832 [DEBUG | run.py] > Exiting from the tool as user closed application