Flex Config help

- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-11-2024 06:59 AM
While trying to insert WCCP into the FTD, the configuration was wrong, TAC gave me the wrong type of ACL which broke the configuration of our running FTD.
I have very limited knowledge of what or how flex config is. I need to remove the wccp part of the configuration so that I can remove the objects tied to it, otherwise it will continue to fail on deployment.
These are the errors
FMC >> clear config access-list Iport-01
3120-FTD >> info : Access-list Iport-01 is attached to class-map, route-map,
username, group-policy, route-inject, distribute-list, multicast, wccp,
dynamic-filter or dynamic-access-policy subsystem.
Please remove the relevant configuration before removing the access-list.
FMC >> clear config access-list HTTPS-Allowed
3120-FTD >> info : Access-list HTTPS-Allowed is attached to class-map, route-map,
username, group-policy, route-inject, distribute-list, multicast, wccp,
dynamic-filter or dynamic-access-policy subsystem.
Please remove the relevant configuration before removing the access-list.
FMC >> no object-group service ProxySG_ExtendedACL_123759482635793
3120-FTD >> info : Removing object-group (ProxySG_ExtendedACL_123759482635793) not allowed, it is being used.
FMC >> no object network Iport-01
3120-FTD >> error : ERROR: unable to delete object (Iport-01). object is being used.
Config Error -- no object network Iport-01
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-11-2024 09:02 AM
we are not sure what configuration provided by TAC, can you go back to cisco TAC case and esclate if this is broken for better support.
make sure you have correect variables : (check below documents) - what version of FTD ?
https://packetjourney.wordpress.com/2019/05/26/firepower-wccp-configuration/
https://community.cisco.com/t5/network-security/wccp-redirection-on-firepower-ftd-4110/td-p/3693642

- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-11-2024 11:56 AM
After trying to use Linaconfigtool I found a builtin template to disable WCCP that I applied as flex config policy and it worked, so my FTD is fully operational finally.
