Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1450
Views
0
Helpful
5
Replies

Communication with Firepower Manager failed after blackout

ssambourg
Level 1
Level 1

‎03-12-2019 11:52 AM - edited ‎02-21-2020 08:56 AM

Hello,

 

After a blackout I want to push a modification in my ACP but it seems that the communication between manager and firepower is broken.

 

I delete the manager from each side and then execute this :

 

> configure manager add 10.155.148.202 Cisco123

Manager successfully configured

 

and then :

> show managers

No managers configured.

 

So, on the Firesight center side, I can't add my firewall.

 

Is there a way to resolve this issue without restart/reimage the whole hardware ?

Labels:
0 Helpful
5 Replies 5

Marvin Rhoads
Hall of Fame
Hall of Fame

‎03-13-2019 08:09 AM

You can check and, if needed, remove the sensor manually manually via manipulation of the mysql database table in FMC using the procedure described in this article:

https://community.cisco.com/t5/firepower/fmc-unable-to-save-a-backup-or-to-upgrade/td-p/3094446


0 Helpful

fczdfze
Level 1
Level 1
In response to Marvin Rhoads

‎03-14-2019 12:23 AM

Hi,

Thank you for your help ( I am the coworker of ssambourg)

 

I tried the command :

mysql -padmin sfsnort -e "select name,ip,uuid,role from EM_peers where role !=0"

 

I had one sensor listed :

+----------------+----------------+--------------------------------------+------+
| name           | ip             | uuid                                 | role |
+----------------+----------------+--------------------------------------+------+
| 10.155.148.202 | 10.155.148.202 | 5d278810-bf5a-11e5-9d53-ac144542f4d1 |    1 |
+----------------+----------------+--------------------------------------+------+

 

Then I tried to remove the sensor but I didn't work :

 

With this command "remove_peer.pl 10.155.148.202" I had this message :

 

No peer 10.155.148.202 communication configuration is found

 

And with the command with UUID "remove_peer.pl 5d278810-bf5a-11e5-9d53-ac144542f4d1" I had this message :

 Found  DC 5d278810-bf5a-11e5-9d53-ac144542f4d1 registered

Disabled peer 5d278810-bf5a-11e5-9d53-ac144542f4d1 in EM_peers table

Restarted Communication channel
**************DONE*************

 

Then I checked again with this command "mysql -padmin sfsnort -e "select name,ip,uuid,role from EM_peers where role !=0"

 

and the sensor is still there :


+----------------+----------------+--------------------------------------+------+
| name           | ip             | uuid                                 | role |
+----------------+----------------+--------------------------------------+------+
| 10.155.148.202 | 10.155.148.202 | 5d278810-bf5a-11e5-9d53-ac144542f4d1 |    1 |
+----------------+----------------+--------------------------------------+------+

 

 

 

 

 

 

0 Helpful

fczdfze
Level 1
Level 1
In response to fczdfze

‎03-14-2019 12:52 AM

Hi again,

 

I found this bug in the Cisco db :

 

https://quickview.cloudapps.cisco.com/quickview/bug/CSCvn66960

Do you think that I should update the FP ?

 

Thanks

0 Helpful

Marvin Rhoads
Hall of Fame
Hall of Fame
In response to fczdfze

‎03-14-2019 01:08 AM

At this point I would recommend you proceed by opening a TAC case. Manual cleanup of the database without knowing EXACTLY what needs to be done can result in a completely unusable system.

0 Helpful

fczdfze
Level 1
Level 1
In response to Marvin Rhoads

‎03-14-2019 01:36 AM

ok thank you for your help.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card