cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
4283
Views
6
Helpful
5
Replies

Cannot register FTD to FMC

Steve_etc
Level 1
Level 1

Hi All,

 

 

I am having trouble registering a virtual FTD running on a 4415 chassis, to a physical FMC.

 

I have checked the logs and can see:

 

err 9:certificate is not yet valid

 

and the FTD's time is showing as:

 

> show time
UTC - Thu Apr 15 06:17:27 UTC 2010
Localtime - Thu Apr 15 02:17:27 EDT 2010

 

Even though the chassis itself has the correct time (I would have thought, when I create a cirtual device on the chassis, it would take the chasis's time??)

 

So I assume this is the problem Is there anyway I can manually set the time to current on the FTD, baring in mind it is virtual so I cannot locally manage it via a GUI.

 

TIA

 

Steve

1 Accepted Solution

Accepted Solutions

Marvin Rhoads
Hall of Fame
Hall of Fame

I ran into a similar issue several months back. TAC advised to make sure the chassis was synced to NTP and timezone set to UTC. Once I did that, the FTD device and LINA subsystem had the correct time (inherited from the chassis as you surmised).

View solution in original post

5 Replies 5

Chakshu Piplani
Cisco Employee
Cisco Employee

Can you verify the time in FXOS is correct and coming from the NTP server by running command

FPR4100-8-A# scope system 
FPR4100-8-A /system # scope services
FPR4100-8-A /system/services # show ntp-server detail

Below is the guide which might be helpful in t-shooting this:

https://www.cisco.com/c/en/us/support/docs/security/firepower-ngfw/215468-configure-verify-and-troubleshoot-netwo.html

 

Regards,

Chakshu

 

Do rate helpful posts!

Thank you for the response. There was no output to the commands you specified as NTP was not configured.I configured this, deleted the original VM, rebooted the Chassis, recreated the VM, and it appears to have worked! The VM didn't take the new time even with NTP configured until after the chassis reboot, so not sure exaclty what part fixed the issue, but I suspect configure NTP and reboot chassis were the requried steps.

 

Thanks again for your help!

Marvin Rhoads
Hall of Fame
Hall of Fame

I ran into a similar issue several months back. TAC advised to make sure the chassis was synced to NTP and timezone set to UTC. Once I did that, the FTD device and LINA subsystem had the correct time (inherited from the chassis as you surmised).

Thanks so much for your response!

 

I configure NTP and reboot the chassis. Then when creating VM's the time is indeed taken correctly from the Chassis config.

 

Thank you very much for the help!

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: