cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2790
Views
0
Helpful
7
Replies

FMC Database configuration error

DAVIES604
Level 1
Level 1

Hi,

 

I'm running an FMCv version 6.2.3, have been for a while and everything seems to work fine. However if I try and configure the database event values and click save I get an error saying "The Host that you are trying to configure (x.x.x.x) could not be reached" The bracketed IP is very similar to the FMC address, so I'm thinking there was a typo at some point during the build maybe, but I can't work out where it's getting this IP from or where it was configured, and why nothing else is broken. Anyone any ideas?

7 Replies 7

DAVIES604
Level 1
Level 1
So I may have been a bit quick to say nothing else is broken, I get the same error if I try and change anything at all in the System Configuration page, not just the database settings. This was working fine before, so not sure what has changed or where that IP is coming from. The actual functioning of FMC is ok, it's still collecting events, displaying stats, reporting etc.

Turns out the IP address is actually the configured host IP in the Audit Log section, so assuming it must reapply the whole system configuration when you change anything. The problem is it won't let me change anything if it considers the audit log host unreachable, it seems it sends out udp echo requests and gets no response. Has something changed in this behaviour, didn't have this issue before and nothing has changed other than FMC patching?

support.c
Level 1
Level 1

I found a solution.

The error happens when the "Audit Log Host" is unreachable. Under System>Configuration>Audit Log (on the left), see what host is configured. If that host is not reachable from the FMC, any configuration save will fail.

 

Set the host to a reachable IP and save. If it takes the setting, you can then modify and save other settings in System Configuration successfully.

Hi, thanks for your response.

However as described in my post, I worked out it was because the Audit Log Host was unreachable. I actually ended up pointing it at the local FMC address so I could change some settings. However my issue is that I have to now open up the syslog server to respond to these probes, where I did not have to before, so am trying to understand what, if anything, has changed. My syslog server responds to ICMP echo requests, but does not respond to the udp echo request, dest port 7, that my FMC seems to be generating. So really just trying to work out what has changed and where.

 

Many thanks

For anyone who's interested, this turned out to be a bug. Fixed in 6.2.3.14 and 6.4.0.2

Do you have the bug ID?

 

CSCvo50168

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: