cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

655
Views
0
Helpful
5
Replies
Highlighted
Beginner

Communication with Firepower Manager failed after blackout

Hello,

 

After a blackout I want to push a modification in my ACP but it seems that the communication between manager and firepower is broken.

 

I delete the manager from each side and then execute this :

 

> configure manager add 10.155.148.202 Cisco123

Manager successfully configured

 

and then :

> show managers

No managers configured.

 

So, on the Firesight center side, I can't add my firewall.

 

Is there a way to resolve this issue without restart/reimage the whole hardware ?

5 REPLIES 5
Highlighted
Hall of Fame Guru

You can check and, if needed, remove the sensor manually manually via manipulation of the mysql database table in FMC using the procedure described in this article:

https://community.cisco.com/t5/firepower/fmc-unable-to-save-a-backup-or-to-upgrade/td-p/3094446


Highlighted

Hi,

Thank you for your help ( I am the coworker of ssambourg)

 

I tried the command :

mysql -padmin sfsnort -e "select name,ip,uuid,role from EM_peers where role !=0"

 

I had one sensor listed :

+----------------+----------------+--------------------------------------+------+
| name           | ip             | uuid                                 | role |
+----------------+----------------+--------------------------------------+------+
| 10.155.148.202 | 10.155.148.202 | 5d278810-bf5a-11e5-9d53-ac144542f4d1 |    1 |
+----------------+----------------+--------------------------------------+------+

 

Then I tried to remove the sensor but I didn't work :

 

With this command "remove_peer.pl 10.155.148.202" I had this message :

 

No peer 10.155.148.202 communication configuration is found

 

And with the command with UUID "remove_peer.pl 5d278810-bf5a-11e5-9d53-ac144542f4d1" I had this message :

 Found  DC 5d278810-bf5a-11e5-9d53-ac144542f4d1 registered

Disabled peer 5d278810-bf5a-11e5-9d53-ac144542f4d1 in EM_peers table

Restarted Communication channel
**************DONE*************

 

Then I checked again with this command "mysql -padmin sfsnort -e "select name,ip,uuid,role from EM_peers where role !=0"

 

and the sensor is still there :


+----------------+----------------+--------------------------------------+------+
| name           | ip             | uuid                                 | role |
+----------------+----------------+--------------------------------------+------+
| 10.155.148.202 | 10.155.148.202 | 5d278810-bf5a-11e5-9d53-ac144542f4d1 |    1 |
+----------------+----------------+--------------------------------------+------+

 

 

 

 

 

 

Highlighted

Hi again,

 

I found this bug in the Cisco db :

 

https://quickview.cloudapps.cisco.com/quickview/bug/CSCvn66960

Do you think that I should update the FP ?

 

Thanks

Highlighted

At this point I would recommend you proceed by opening a TAC case. Manual cleanup of the database without knowing EXACTLY what needs to be done can result in a completely unusable system.

Highlighted

ok thank you for your help.

Content for Community-Ad