Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
271
Views
0
Helpful
0
Replies

FPR 1010 Migration to cdfmc

JustinGayheart
Level 1
Level 1

‎05-18-2025 05:55 PM

hi everyone, i am trying to migrate my Cisco Firepower 1010 Threat Defense running 7.4.2.1-30 to cdfmc. 

i go through the migration wizard, and get to the final step where the FTD regiters with cdfmc and it fails... I have had a case open with TAC for about 3 months trying to resolve this and they have been less than helpful unfortunately.

They have determined that the FTD is failing to connect on port 8305 in the log below, but havent help me figure out why or how I can test it.

If anyone has any advice or help I would greatly appreciate it.

Apr  8 01:47:29 1155-FTD SF-IMS[52389]: [52415] sftunneld:sf_peers [INFO] Peer CDFMC-Name-removed-for-privacy.app.us.cdo.cisco.com needs a single connection Apr  8 01:47:29 1155-FTD SF-IMS[52389]: [52415] sftunneld:sf_connections [INFO] Start connection to : CDFMC-Name-removed-for-privacy.app.us.cdo.cisco.com (registration state:1, wait 80 seconds is up) Apr  8 01:47:29 1155-FTD SF-IMS[52389]: [26617] sftunneld:sf_peers [INFO] Peer CDFMC-Name-removed-for-privacy.app.us.cdo.cisco.com needs a single connection Apr  8 01:47:29 1155-FTD SF-IMS[52389]: [26617] sftunneld:sf_ssl [INFO] Connect to CDFMC-Name-removed-for-privacy.app.us.cdo.cisco.com on port 8305 - management0 Apr  8 01:47:29 1155-FTD SF-IMS[52389]: [26617] sftunneld:sf_ssl [INFO] Initiate connection using resolved_ip_list having [2] entries on list [1] (via management0) Apr  8 01:47:29 1155-FTD SF-IMS[52389]: [26617] sftunneld:sf_ssl [INFO] Initiate IPv6 type connection Apr  8 01:47:29 1155-FTD SF-IMS[52389]: [26617] sftunneld:sf_ssl [INFO] Initiate IPv4 type connection Apr  8 01:47:29 1155-FTD SF-IMS[52389]: [26617] sftunneld:sf_ssl [INFO] Initiate IPv4 connection from resolved_ip_list to 54.148.59.114 (via management0) Apr  8 01:47:29 1155-FTD SF-IMS[52389]: [26617] sftunneld:sf_ssl [INFO] Initiating IPv4 connection to 54.148.59.114:8305/tcp Apr  8 01:47:29 1155-FTD SF-IMS[52389]: [26617] sftunneld:sf_ssl [INFO] Wait to connect to 8305 (IPv4): 54.148.59.114 Apr  8 01:47:29 1155-FTD SF-IMS[52389]: [26617] sftunneld:sf_ssl [INFO] Connect to 54.148.59.114 failed on port 8305 socket 11 (Connection refused) Apr  8 01:47:29 1155-FTD SF-IMS[52389]: [26617] sftunneld:sf_ssl [INFO] No IPv4 connection to IP 54.148.59.114 Apr  8 01:47:29 1155-FTD SF-IMS[52389]: [26617] sftunneld:sf_ssl [INFO] Initiate IPv6 type connection Apr  8 01:47:29 1155-FTD SF-IMS[52389]: [26617] sftunneld:sf_ssl [INFO] Initiate IPv6 connection from resolved_ip_list to 2600:1f14:26b3:5001:df39:b8b8:c0db:4d99 (via management0) Apr  8 01:47:29 1155-FTD SF-IMS[52389]: [26617] sftunneld:sf_ssl [INFO] Initiating IPv6 connection to 2600:1f14:26b3:5001:df39:b8b8:c0db:4d99:8305/tcp

Apr  8 01:47:29 1155-FTD SF-IMS[52389]: [26617] sftunneld:sf_ssl [ERROR] Unable to connect to port 8305 (IPv6): Network is unreachable Apr  8 01:47:29 1155-FTD SF-IMS[52389]: [26617] sftunneld:sf_ssl [INFO] No IPv6 connection to IP 2600:1f14:26b3:5001:df39:b8b8:c0db:4d99

Apr  8 01:47:29 1155-FTD SF-IMS[52389]: [26617] sftunneld:sf_ssl [INFO] Initiate IPv4 type connection Apr  8 01:47:29 1155-FTD SF-IMS[52389]: [26617] sftunneld:sf_ssl [INFO] Unable to connect to all the provided IP address with the given management interface Apr  8 01:47:29 1155-FTD SF-IMS[52389]: [26617] sftunneld:sf_ssl [INFO] Connect to CDFMC-Name-removed-for-privacy.app.us.cdo.cisco.com on port 8305 - tap_nlp Apr  8 01:47:29 1155-FTD SF-IMS[52389]: [26617] sftunneld:sf_ssl [INFO] Initiate connection using resolved_ip_list having [2] entries on list [1] (via tap_nlp) Apr  8 01:47:29 1155-FTD SF-IMS[52389]: [26617] sftunneld:sf_ssl [INFO] Initiate IPv6 type connection Apr  8 01:47:29 1155-FTD SF-IMS[52389]: [26617] sftunneld:sf_ssl [INFO] Initiate IPv4 type connection Apr  8 01:47:29 1155-FTD SF-IMS[52389]: [26617] sftunneld:sf_ssl [INFO] Initiate IPv4 connection from resolved_ip_list to 54.148.59.114 (via tap_nlp) Apr  8 01:47:29 1155-FTD SF-IMS[52389]: [26617] sftunneld:sf_ssl [INFO] Initiating IPv4 connection to 54.148.59.114:8305/tcp Apr  8 01:47:29 1155-FTD SF-IMS[52389]: [26617] sftunneld:sf_ssl [INFO] Wait to connect to 8305 (IPv4): 54.148.59.114 Apr  8 01:47:29 1155-FTD SF-IMS[52389]: [26617] sftunneld:sf_ssl [INFO] Connect to 54.148.59.114 failed on port 8305 socket 11 (Connection refused

Labels:
0 Helpful
0 Replies 0
Customers Also Viewed These Support Documents