Solved: FMC DHCP Relay Agents doesn't show in the UI or allow any changes

Chess Norris · ‎05-14-2025

Hello,

After migrating an ASA to FTD via the migration tool, the DHCP relay settings are there in the FTD config but they are not viewable in the FMC UI.

When trying to add the DHCP relay agent config in FMC, we see the following error.

So it's like the FMC is aware that the setting exist in the FTD, but it doesn't show it and doesn't allow us to add it again.

We have a TAC case opened but so far TAC has not comed up with a solution.

There is a bug that we suspect is related to this issue - https://bst.cisco.com/bugsearch/bug/CSCwm66653 and there are quite a few support cases connected with this bug, so just curious if someone else had experienced this issue and now how to fix it?

This bug suposed to be fixed in FMC version 7.7 but I dont think a simple upgrade would fix it if the issue is already present.

Thanks

/Chess

Chess Norris · ‎05-21-2025

Finally TAC was able to solve the issue by using the second workarround and change the value in the database table.

We first removed the DHCP relay configuration from the FTD using LinaConfigTool

Then the following commands were issued from the FMC CLI in expert mode.

/Volume/home/admin# OmniQuery.pl

----------------------------

OmniQuery v2.7.0

.:|:.:|:.

----------------------------

cfgdb> select * from policy_fwtools_setting where (data is null or data = '') and setting_enum_id in (select ENUM_ID from fwtools_setting_enum where setting_name='PixDhcpRelayIPv6InterfaceEnabled') and ref_id in (select ref_id from policy_main where type='PixDhcpRelayInterfaceTable' );

+------------+-----------------+------+

| REF_ID | SETTING_ENUM_ID | DATA |

+------------+-----------------+------+

| 4294976106 | 1029 | |

| 4294976107 | 1029 | |

| 4294976108 | 1029 | |

| 4294976109 | 1029 | |

| 4294976110 | 1029 | |

| 4294976111 | 1029 | |

+------------+-----------------+------+

6 rows in set (0.002153 seconds)

cfgdb> update policy_fwtools_setting set data = 'false' where (data is null or data = '') and setting_enum_id in (select ENUM_ID from fwtools_setting_enum where setting_name='PixDhcpRelayIPv6InterfaceEnabled') and ref_id in (select ref_id from policy_main

cfgdb> select * from policy_fwtools_setting where setting_enum_id in (select ENUM_ID from fwtools_setting_enum where setting_name='PixDhcpRelayIPv6InterfaceEnabled') and ref_id in (select ref_id from policy_main where type='PixDhcpRelayInterfaceTable' );

+-------------+-----------------+-------+

| REF_ID | SETTING_ENUM_ID | DATA |

+-------------+-----------------+-------+

| 4294976106 | 1029 | false |

| 4294976107 | 1029 | false |

| 4294976108 | 1029 | false |

| 4294976109 | 1029 | false |

| 4294976110 | 1029 | false |

| 4294976111 | 1029 | false |

| 12885237676 | 1029 | false |

+-------------+-----------------+-------+

7 rows in set (0.001814 seconds)

cfgdb> exit

pmtool restartById Tomcat

After that all DHCP relay configuration were visible in the GUI again and we could make changes and deploy.

/Chess

View solution in original post

nspasov · ‎05-14-2025

I would start with trying the workarounds mentioned in the defect that you referenced. If those do not resolve the issue it is probably best to engage TAC.

Thank you for rating helpful posts!

Thank you for rating helpful posts!

Chess Norris · ‎05-14-2025

Yes, I have already involved TAC. However, they could not get the REST API workarround to work and for the seccond workarround they need to involve BU.

nspasov · ‎05-15-2025

Got it. Please keep us posted on the progress and outcome.

Thank you for rating helpful posts!

Thank you for rating helpful posts!

Chess Norris · ‎05-21-2025

Finally TAC was able to solve the issue by using the second workarround and change the value in the database table.

We first removed the DHCP relay configuration from the FTD using LinaConfigTool

Then the following commands were issued from the FMC CLI in expert mode.

/Volume/home/admin# OmniQuery.pl

----------------------------

OmniQuery v2.7.0

.:|:.:|:.

----------------------------

cfgdb> select * from policy_fwtools_setting where (data is null or data = '') and setting_enum_id in (select ENUM_ID from fwtools_setting_enum where setting_name='PixDhcpRelayIPv6InterfaceEnabled') and ref_id in (select ref_id from policy_main where type='PixDhcpRelayInterfaceTable' );

+------------+-----------------+------+

| REF_ID | SETTING_ENUM_ID | DATA |

+------------+-----------------+------+

| 4294976106 | 1029 | |

| 4294976107 | 1029 | |

| 4294976108 | 1029 | |

| 4294976109 | 1029 | |

| 4294976110 | 1029 | |

| 4294976111 | 1029 | |

+------------+-----------------+------+

6 rows in set (0.002153 seconds)

cfgdb> update policy_fwtools_setting set data = 'false' where (data is null or data = '') and setting_enum_id in (select ENUM_ID from fwtools_setting_enum where setting_name='PixDhcpRelayIPv6InterfaceEnabled') and ref_id in (select ref_id from policy_main

cfgdb> select * from policy_fwtools_setting where setting_enum_id in (select ENUM_ID from fwtools_setting_enum where setting_name='PixDhcpRelayIPv6InterfaceEnabled') and ref_id in (select ref_id from policy_main where type='PixDhcpRelayInterfaceTable' );

+-------------+-----------------+-------+

| REF_ID | SETTING_ENUM_ID | DATA |

+-------------+-----------------+-------+

| 4294976106 | 1029 | false |

| 4294976107 | 1029 | false |

| 4294976108 | 1029 | false |

| 4294976109 | 1029 | false |

| 4294976110 | 1029 | false |

| 4294976111 | 1029 | false |

| 12885237676 | 1029 | false |

+-------------+-----------------+-------+

7 rows in set (0.001814 seconds)

cfgdb> exit

pmtool restartById Tomcat

After that all DHCP relay configuration were visible in the GUI again and we could make changes and deploy.

/Chess