Now upgraded to FTDv100 on VMWare to 7.4.2, got the following issues:
Unlike in 7.3.2, which suddenly stopped all the traffic on interfaces, now on 7.4.2:
- suddenly HostScan stopped working properly, stuck on "HostScan mission complete" and not moving to the next steps, as described in Bug CSCwj08302.
In release notes for 7.4.2 Cisco says this bug is fixed, but it's NOT!!!
- to resolve the issue temporarily, we disabled HostScan. But got the authentication errors for Secure Client users:
[48243] Session Start
[48243] New request Session, context 0x00001487871f14a0, reqType = Authentication
[48243] Fiber started
[48243] Creating LDAP context with uri=ldaps://10.15.132.240:636
[48243] TLS Connection to LDAP server: ldaps://10.15.132.240:636, status = Successful
[48243] supportedLDAPVersion: value = 3
[48243] supportedLDAPVersion: value = 2
[48243] Binding as (svc_CC_ldap@user.ftdisgarbage.local) [svc_CC_ldap@user.ftdisgarbage.local]
[48243] Performing Simple authentication for svc_CC_ldap@user.ftdisgarbage.local to 10.15.132.240
[48243] LDAP Search:
Base DN = [ou=company,dc=user,dc=pb,dc=lo
cal]
Filter = [sAMAccountName=remote_USER]
Scope = [SUBTREE]
[48243] Request for remote_USER returned code (-1) Can't contact LDAP server
[48243] Talking to Active Directory server 10.15.132.240
[48243] Failed to get Active Directory current time, ret code(-1) Can't contact LDAP server
[48243] Fiber exit Tx=291 bytes Rx=660 bytes, status=-2
[48243] Session End
Meanwhile test connection to our LDAP works properly, and our other services authenticated there successfully!
We also checked all the resouces of virtual machine and inside the appliance - everything is sufficient!
AGAIN, TO RESOLVE BOTH ISSUES, WE REBOOT THE FTD - AND IT HELPS!
DEAR SO CALLED DEVELOPERS OF CISCO, WILL YOU EVER MAKE YOUR PRODUCT WORK AS EXPECTED, OR WE BETTER THROW IT AWAY AND MIGRATE TO OTHER VENDOR???
