Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
7742
Views
5
Helpful
13
Replies

Intrusion policy, Policy out-of-date on device

dm
Level 1
Level 1

‎03-19-2019 10:02 PM - edited ‎02-21-2020 08:58 AM

Hello!

 

I use ASDM to manage Firepower on ASA 5506-X.

I just found that  in  Configuration > ASA FirePOWER Configuration > Policies > Intrusion Policy > Intrusion Policy

my policy is always shown as Policy out-of-date on device.

I tried to change it, to change access control policy in which it is in use, did deploy- there is no changes,

it is always Policy out-of-date on device.

 

Could you tell me how to solve this?

 

Currently running software version: 6.2.3.10

 

Thank you!

2 people had this problem
Labels:
0 Helpful
13 Replies 13

dm
Level 1
Level 1

‎03-21-2019 09:57 PM

btw, upgraded to 11, no changes.
0 Helpful

johnlloyd_13
Level 9
Level 9

‎03-22-2019 07:23 AM

hi,

did you click 'Click Store ASA FirePOWER Changes' at the bottom?

0 Helpful

dm
Level 1
Level 1
In response to johnlloyd_13

‎05-12-2019 09:20 PM

I have this problem on 3 devices, nothing helps...
0 Helpful

gregghudson
Level 1
Level 1

‎05-11-2019 04:41 AM

I have this exact same problem. Nothing clears the error. I go into the IPS and click "Commit Changes", go to Access Control Policy (and it says 'Up-to-date') and click "Store ASA FirePOWER Changes",  then "Save Running Configuration to Flash" and even after 'deploy' it still show's "Out-of-date". And this is on 5 different firewalls!

Preview file
5 KB
0 Helpful

Netman-1
Level 1
Level 1
In response to gregghudson

‎05-22-2019 10:07 AM

I'm seeing this exact same problem as well.

0 Helpful

matthew.campbell
Level 1
Level 1

‎10-03-2019 04:24 AM

Has anyone found a solution to this issue?  

0 Helpful

Marvin Rhoads
Hall of Fame
Hall of Fame
In response to matthew.campbell

‎10-03-2019 05:33 AM

It could be caused by a corrupted entry with the database.

I recommend opening a TAC case to get into the level of troubleshooting that necessary to confirm and remedy the issue.

0 Helpful

dm
Level 1
Level 1
In response to Marvin Rhoads

‎10-03-2019 05:36 AM

I don't think there is any corruption here but software bug :-)

0 Helpful

Marvin Rhoads
Hall of Fame
Hall of Fame
In response to dm

‎10-03-2019 06:01 AM

Bugs can cause database corruption. :)

0 Helpful

gregghudson
Level 1
Level 1
In response to Marvin Rhoads

‎10-03-2019 10:33 AM

Cisco TAC says "known bug".
0 Helpful

matthew.campbell
Level 1
Level 1
In response to gregghudson

‎10-09-2019 06:06 AM

Did they supply a bug number?

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card