Troubleshooting
Problems encountered during Policy Deployment might be due to, but not limited to:
Misconfiguration
Communication between FMC and FTD
Database and System health
Software defects and Caveats
Other Unique situations
Some of these issues might be easily fixed, while others might require assistance from the Cisco Technical Assistance Center (TAC).
The goal of this section is to provide techniques to isolate the issue or determine the root cause.
FMC Graphical User Interface (GUI)
Cisco recommends each troubleshooting session for deployment failures to start on the FMC appliance.
On the failure notification window, on all versions beyond 6.2.3, there are additional tools that can assist with other possible failures.
Utilize The Deployment Transcripts
Step 1. Pull up the Deployments list on the FMC Web UI.
Step 2. While the Deployments tab is selected, click Show History.
FMCHistory
Step 3. Inside the Deployment History box, you can see all previous deployments from your FMC. Select the deployment in which you would like to see more data.
Step 4. Once a deployment element is selected, the Deployment Details selection displays a list of all devices inside the Transaction. These entries are broken down into these columns: Device Number, Device Name, Status,and Transcript.
DeploymentHist1
Step 5. Select the device in question and click on the transcript option to see the individual deployment transcript which can inform you of failures as well as configurations that are placed on the managed devices.
DeployTranscript1
Step 6. This transcript can designate certain failure conditions as well as indicate a very important number for the next step: Transaction ID.
DeployTransactionID
Step 7. In a Firepower Deployment, the Transaction ID is what can be used to track each individual section of a policy deployment. With this, on the Command-Line of the Device, you can obtain a more in-depth version of this data for remediation and analysis.
This may help you,
Rachel Gomez
