Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1235
Views
0
Helpful
5
Replies

Firesight Management not Showing Login Page

Bilal Ahmad
Level 1
Level 1

‎06-19-2016 02:27 AM - edited ‎03-10-2019 06:37 AM

Hi

I am using FSM server on VMware with version v5.4.1.1 (build 33). I am not able to login to the FSM server when I am doing the https to the Server IP address. I also found through CLI that the /var/dev/sda7 is showing 100% utilized and this could be one of the reasons which is stopping me to login to the server.

Below is the output for the df -h command

root@Sourcefire3D:/# df -h
Filesystem Size Used Avail Use% Mounted on
/dev/root 3.7G 722M 2.8G 21% /
devtmpfs 2.0G 56K 2.0G 1% /dev
/dev/sda1 88M 17M 64M 22% /boot
/dev/sda7 238G 238G 0 100% /var
none 2.0G 8.0K 2.0G 1% /dev/shm

 I am also seeing the below output which shows that one file urldb_manifest is about 230G in size. I am not finding any details of this file in internet.Is it safe to delete this file. Please advice.

root@Sourcefire3D:/var/sf/cloud_download/tmp# ls -l
total 225275168
-rw-r--r-- 1 www www 1146 Oct 2 2014 thawteCA.pem
-rw-r--r-- 1 root root 34550 Feb 5 02:26 url_db_dl.log
-rw-r--r-- 1 www www 230681436372 Jun 19 07:55 urldb_manifest
-rw-r--r-- 1 www www 30 May 31 07:41 urldb_manifest.1m
lrwxrwxrwx 1 root root 16 Oct 2 2014 xdelta3 -> /usr/bin/xdelta3

Please advice what could be the issue.

Thanks

    

Labels:
0 Helpful
5 Replies 5

Jetsy Mathew
Cisco Employee
Cisco Employee

‎06-19-2016 10:16 PM

Hello Bilal,

Is it a new installation or an already ongoing one ? if its a new installation , the best way is to reinstall the FMC.

If its an already ongoing one,  then is there any changes that occurred between ? Like any upgrade or sudden shut down due to power loss ? What is the error that you receive while trying to access it ? Could you please attach the screenshot ? Based on the errors we can tell you if its a database issue or not . The related logs with the errors can be found under /var/log/httpd/httpsd_error log AND /var/log/httpd/httpsd_access log.. Please provide the output from that file after accessing the page.

The disk usage can be related to this error.  But to confirm it , we need the outputs from the httpsd  error logs. Provide the output from the following :-

cd /var/

du - sh *

FYI , you are not supposed to delete any files from :var/sf/cloud_download/tmp/ . Before deleting any file we need to confirm with the TAC. 

Regards

Jetsy

0 Helpful

Bilal Ahmad
Level 1
Level 1
In response to Jetsy Mathew

‎06-28-2016 01:43 PM

Hi Jetsy,

Thanks for your reply.

This was a existing installation and we have already added two firepower devices. Now if we do the new installation from scratch and we make a new VM for firesight, what are the things that we need to consider? I mean do we need to take care of licenses which was for the FSM server. Can I ask the same from the licensing@cisco.com , if we do the new installation.

What are the limitation if we do a new installation? Please note that we don't have any policies configured in the FSM server for the firepower modules. Only we just added the two firepower till now.

Please advice

Thanks

Bilal

0 Helpful

Jetsy Mathew
Cisco Employee
Cisco Employee
In response to Bilal Ahmad

‎06-28-2016 10:19 PM

Hello Bilal,

There are two options. EIther you can contact TAC to repair the mysql database which may caused this issue and give a try. But the quickest option would be to reimage. What kind of FMC do you have ? Is it a Virtual or Hardware ? Whenever you reimage or reinstall the  FMC device , you have to verify the license key under System > Licenses > Add new License.

This window will pop up a license key. Global licensing team generates the license based on these license keys. After the reimage or reinstallation , if the license key changes then you can contact the Cisco Global Licensing team and regenerate the required license.

    Licensing : +1 919-574-1701

Let me know if you have a Virtual or Hardware FMC. If its a virtual I will let you know some more steps that you need to take care.

Rate if this post helps you.

Regards

Jetsy 

0 Helpful

Bilal Ahmad
Level 1
Level 1
In response to Jetsy Mathew

‎06-28-2016 11:45 PM

Thanks Jetsy for the reply,

My FSM is on a VMware (ESXi). Please advice.

Thanks

Bilal

0 Helpful

Jetsy Mathew
Cisco Employee
Cisco Employee
In response to Bilal Ahmad

‎06-29-2016 10:31 AM

Hello Bilal,

If you need to redeploy the FMC then first of all you need to verify that you are using manual or automatic MAC in the Virtual Machine.

 Power off the Virtual Machine and go to the settings and  make a note of your MAC address.

 If the MAC starts with 00:50:56 then it’s a manual MAC and you can change it after redeploying the FMC.

 Redeploy the VM using the image for the virtual appliance.

 Disable the option “power on the Virtual Machine after redeploy” .

 Finish re-deploying the device.

Go to the Virtual Machine settings and change the option of MAC to manual and provide the same MAC as follows - 00:50:56:BC:63:14 and save it. (MAC address provided is just a sample )

 Power on the Virtual Machine

 Later you can add the sensor.

 If the MAC is not manual MAC, after redeploy  we should contact the Licensing team with the new MAC address to regenerate the license for the same.

 Regards

Jetsy

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card