cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
751
Views
1
Helpful
4
Replies

Cisco FMC "All devices are up-to-date" not deploying policy

Wonxie
Level 1
Level 1

Hi,

We have CISCO FMC to manage 4 FTD devices 2 in each region and working in HA.

Recently  it started behaving abnormally. we cannot deployy any new policy. When we do some changes to acp its and save it and then go to the deployment it says ""All devices are up-to-date".

In health monitor on FMC we get process health. but fmc and all ftd health is shown as normal.

Any idea where to start troubleshooting ? we have rebooted FMC as well and tried after couple of hours still it saves the changes but when we go to deploy it says all devices are up to date.

Wonxie_0-1704439958788.png

Regards,

 

 

4 Replies 4

AlexandreMoniot
Level 1
Level 1

Hello,

Probably a stupid question but does your policy correctly targets to devices ?

Regards

Yes the policy targets correct devices.

Whenever I add/modify any rule within that acp and save the changes and go to deployment it says "All devices are up-to-date". and it doesn'nt  shows any thing to be deployement.

 

You could go into expert mode and try the following:

  • less /var/log/messages   and see if there are any hints as to what is going on.
  • Run the command OmniQuery.pl -db sdb -e "select device_id, device_name,device_status,job_id from jobs_device_status order by device_status_time;" and see if there are any deployments pending, failed, whatever.

I do suspect that this will require TAC support to correct the issue as it could very well be a corrupt database.

--
Please remember to select a correct answer and rate helpful posts

louispet66
Level 1
Level 1

Just  update  a name on the s2sVPN and it will show up  or modify something on the config that is being used and deployed already.

Review Cisco Networking for a $25 gift card