Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1200
Views
0
Helpful
1
Replies

5555x FTD URL filtering download failure

JMCNEL
Level 4
Level 4

‎08-28-2017 08:11 AM - edited ‎02-21-2020 06:15 AM

anyone else perhaps have this problem ? Any suggestions ?

 

FMC v 6.2.1 / 5555x FTD v 6.2.0

 

Aug 25 15:00:59 Firepower SF-IMS[6210]: [6484] CloudAgent:CloudAgent [WARN] DownloadURLDBFilesOnDC : URL Database update: Malformed message received. Status: -102

 

 

I have tried the following work around - but only worked once

Log into the CLI of the FMC and escalate to root:

$ sudo su –

(enter the password)

 Change to the cloud download directory:

 # cd /var/sf/cloud_download

 Move the old BCDB files to /var/tmp

 # mv full* /var/tmp

# mv part* /var/tmp

 (this moves the files so if we run into unlikely download issues we can simply move them back)

 Log into the GUI of the FMC and navigate to System>Integration and click Update Now

 

Also tried  :  Still not working 

pmtool restartbyid SFDataC

 Then login to the FMC's web UI, navigate to System > Integration, and click

the "Update Now" button.

 

root@Firepower:~# tail /var/log/urldb_log

1503927190,1,Download Failed,
1503927366,1,Download Failed,
root@Firepower:~#
root@Firepower:~#
root@Firepower:~# cat /var/log/messages | grep -E "CloudAgent.*bcdb"
root@Firepower:~# cat /var/log/messages | grep -E "sftunnel.*bcdb"
root@Firepower:~# ls -lah /var/sf/cloud_download/
total 32K
drwxr-xr-x 3 www www 4.0K Aug 28 13:05 .
drwxr-xr-x 65 root root 4.0K Aug 23 21:31 ..
-rw-r--r-- 1 root root 78 Aug 28 13:05 cloudagent_dlupdate_health
-rw-r--r-- 1 root root 78 Aug 28 11:45 cloudagent_urllookup_health
-rw-r--r-- 1 www www 5.4K May 13 00:15 sfrep_catg
-rw-r--r-- 1 www www 433 May 13 00:15 sfrep_index
drwxr-xr-x 2 www www 4.0K Aug 28 14:36 tmp
root@Firepower:~#

 

I checked DNS

admin@Firepower:~$ sudo nslookup database.brightcloud.com

Password:

Last login: Fri Aug 25 15:26:45 UTC 2017

Server:         10.x.x.x

Address:        10.x.x.x#53

 

Non-authoritative answer:

Name:   database.brightcloud.com

Address: 52.202.20.213

Name:   database.brightcloud.com

Address: 52.20.20.6

Name:   database.brightcloud.com

Address: 52.20.169.4

 

admin@Firepower:~$

admin@Firepower:~$ sudo nslookup service.brightcloud.com

Last login: Fri Aug 25 15:30:48 UTC 2017 on pts/0

Server:         10.x.x.x

Address:        10.x.x.x#53

 

Non-authoritative answer:

Name:   service.brightcloud.com

Address: 34.206.114.65

Name:   service.brightcloud.com

Address: 52.2.126.47

 

admin@Firepower:~$ telnet database.brightcloud.com 443

Trying 52.20.20.6...

Connected to database.brightcloud.com.

Escape character is '^]'.

^Z

Connection closed by foreign host.

admin@Firepower:~$

admin@Firepower:~$ telnet service.brightcloud.com 80

Trying 34.206.114.65...

Connected to service.brightcloud.com.

Escape character is '^]'.

^Z^Z

Connection closed by foreign host.

admin@Firepower:~$

 

1 person had this problem
Labels:
0 Helpful
1 Reply 1

JMCNEL
Level 4
Level 4

‎08-28-2017 08:19 AM - edited ‎08-28-2017 08:39 AM

FMC version 6.2.1
5555x FTD version 6.2.0

 

We do have a proxy HOWEVER all communications between the FMC is in bypass mode and the proxy is not affecting this traffic in any way.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card