01-04-2024 11:38 PM
Hi,
We have CISCO FMC to manage 4 FTD devices 2 in each region and working in HA.
Recently it started behaving abnormally. we cannot deployy any new policy. When we do some changes to acp its and save it and then go to the deployment it says ""All devices are up-to-date".
In health monitor on FMC we get process health. but fmc and all ftd health is shown as normal.
Any idea where to start troubleshooting ? we have rebooted FMC as well and tried after couple of hours still it saves the changes but when we go to deploy it says all devices are up to date.
Regards,
01-05-2024 05:50 AM
Hello,
Probably a stupid question but does your policy correctly targets to devices ?
Regards
01-09-2024 09:58 PM
Yes the policy targets correct devices.
Whenever I add/modify any rule within that acp and save the changes and go to deployment it says "All devices are up-to-date". and it doesn'nt shows any thing to be deployement.
01-10-2024 05:44 AM
You could go into expert mode and try the following:
Run the command OmniQuery.pl -db sdb -e "select device_id, device_name,device_status,job_id from jobs_device_status order by device_status_time;" and see if there are any deployments pending, failed, whatever.
I do suspect that this will require TAC support to correct the issue as it could very well be a corrupt database.
01-24-2024 03:23 PM
Just update a name on the s2sVPN and it will show up or modify something on the config that is being used and deployed already.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide