connecting FTD with FMC

nsr88nsr69225
Level 1

Hello guys, 

I am following an online course with FTD and FMC. When I try to add my FTD to FMC I get an error:

Could not establish connection with Device
Possible reasons could be:-

- Time on FMC and Device are not in sync. Make sure NTP is configured on both.
- There might be an IPS device between FMC/Device which might be blocking SSL connectivity between the two. Remove any rule in the IPS device which is blocking SSL connectivity.
- Device and FMC are not listening on same sftunnel Port. Current sftunnel port configured on FMC is 8305, please ensure Device is also using the same port.

The FTD is not local, therefore I cannot get the GUI.

If someone could help me step by step to fix my error, I would really appreciate it.


BmfL
Level 1

Double check that you have TCP port 8305 open between the two devices / appliances.

In addition, you might want to check if the FTD is behind a NAT device (in such a case configuration / registration is slightly different).

 

In case what was told does not fix your issue, take a look into the following Cisco document and you will be fine:

https://www.cisco.com/c/en/us/support/docs/security/firepower-ngfw/215540-configure-verify-and-troubleshoot-firep.html

Thanks for the documentation.

I have gone through, but I have another error now! 

Active Peer [my FTD IP] already exists

But the FTD isn't listed in FMC.

FTD / FMC have a bit of buggy behaviour sometimes... I would register again on FTD with a new key. Then add on the FMC side using this new key.

Thanks for the reply! 
Should I delete the pending request from FTD!?

Yes?

How should I delete the pending requests?

Thanks a lot for your reply!

It looks good, but I couldn't find this symbol, where I can put the IP address inside.

mdb.sfsnort>  delete from EM_peers where name = '172.16.1.240';

I wanted to connect via SSH with my Mac, but I couldn't find any Cisco documentation about the SSH configuration either. Slowly, Cisco is making me disappointed.

Yes, port 8305 is open on both sides.
