cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
19567
Views
15
Helpful
13
Replies

FMC Stuck in Deploying phase

ciscoworlds
Level 4
Level 4

Hi.

I have an FTDv (6.2.2.81) and an ASA 5515-x FTD (same version) in my lab. On FMC both devices stuck on "Deployment" phase and I cannot cancel it. I managed to stop the ASA FTD and restart the FMC and now it shows "Failed in Deployment" but cannot do the same for FTDv. I restarted FMC and completely powered off the FTDv, but again FMC tried to deploy the policies onto FTDv and stuck at about 40%. It doesn't allow me to deploy another policy and says the deployment is in progress. 

What can I do?

 

fmc0.jpg

13 Replies 13

Moon1998
Level 1
Level 1

I had same issue. Luckily, I had quite recent backup, so I tried restoring FMC from it. It helped, and next policy deployment succeeded.

What about traffic impact? If FMC gets stuck is there any risk traffic gets blocked on the ASA ?

This is the second time we have had this happen. It's a bug from 6.0, but must be back in the 6.2 code.

 

You have to open a TAC and they have to go clear/fix the database.

 

As it's compiling the change, there's no risk to the firewall as it is still running with the previous update.

Thanks for the answer; now is there a specific version affected like 6.2.x.y or or all 6.2.x versions?

Hi Florin,

I would suggest jumping to the latest 6.2.3 patch, a lot of bugs and CVE's are fixed.

The affcted relases are:

6.2.1
6.2.2
6.2.2.1
 
 
 
6.2.3

 

I opened a ticket support then Cisco's Engineer send me a script I push that scrip into the FMC and run its. Therefore I applied again the deploy with successful result.

 

 

regards

 

Dear c.sanchez,

 

Nice to know that you solved your issue, could you share this script with us.

 

am facing same issue here : (

 

BR,

Hamoud Hamdan

 

 

I am having this same issue on 6.2.3.7...awaiting TAC's response.

Did you solve it? 

 

I have the same problem...

I had the same problem at a client, opened a SR and TAC recommended to give FMC a reboot, did that and policy deployment time went back to normal (3-4minutes)

FMC version is 6.2.3.10

Facing the same issue Software Version 6.3.0 (build 84).
Waiting for TAC response.
14 appliances stuck in 40% Deployment - Policy and object collection complete.

I solved the problem.

My problem was with the firepower, my firewall erase, forgot, delete, the firepower module IP. I just rewrite the ip from my module and thats it.

 

Miguel52
Level 1
Level 1

Send command on FTD (sensor)

 

>expert
Password:
firepower:/home/root# pmtool restartbyid ngfwManager
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: