04-27-2021 08:03 AM - edited 04-27-2021 08:12 AM
Hi,
Ive erased the config on a fpr2140 which was being managed by FDM and have now added it to FMC(6.6.1) which seems to have gone through fine, all green ticks etc. Prior to wiping it, the FPR was on 6.6.1 but after wiping it, it's now on 6.3. I tried to do an install of 6.6.1 straight awayfrom the FMC but it failed. I noticed it was still waiting to deploy some config from when it joined so I've tried that but that's failing also. The only error FMC gives me is 'Read Timed Out'... which doesn't say much. I've tried re-doing both but to no avail.
When attempting to deploy the the config changes i also see a warning stating "Update failed/in-progress for one or more devices. Cisco recommends that you proceed with deployment when update completes successfully." which doesn't help much as the upgrade fails too.
Anything i can try?
04-27-2021 02:42 PM
so further troubleshooting has given me a little more detail on the problem. when attempting to deploy the initial policy i get the following:
27-Apr-2021 20:49:11.306,[INFO],(DefenseCenterServiceImpl.java:1407)
com.cisco.nm.vms.api.dc.DefenseCenterServiceImpl, pool-2-thread-5
** REST Request [ CSM ]
** ID : 1302e1d2-a2ac-4265-9176-9b0d833d9a30
** URL: Broadcast message.send.deployment
{
"body" : {
"property" : "deployment:device_failure_configuration_cli",
"argumentList" : [ {
"key" : "PHASE",
"value" : "Phase-6"
}, {
"key" : "DEVICE",
"value" : "2ea48b8a-a750-11eb-9444-dbb4d86b0734"
} ]
},
"user" : "68d03c42-d9bd-11dc-89f2-b7961d42c462",
"type" : "deployment",
"status" : "failure",
"progress" : 100,
"silent" : false,
"restart" : false,
"transactionId" : 51539608090,
When trying to upgrade i get the following on the FMC GUI:
Pre upgrade validation - snort version on device is out of date. Deploy access control policy from FMC and trigger upgrade. Device state is not changed.
so the FMC upgrade says i need to dpeloy the access control policy but when trying to apply the ACL policy i get that above mentioned error.
Running out of ideas.
08-10-2021 01:49 AM
Hello,
I have this problem too.
I deployed FMCv (HA) with FTD-1140 (Version 6.4).
i registered device to FMC and then system wants to deploy intial SYSTEM configuration. but deployment faild with this error:
10-Aug-2021 08:12:07.247,[INFO],(DefenseCenterServiceImpl.java:1431)
com.cisco.nm.vms.api.dc.DefenseCenterServiceImpl, pool-4-thread-5
** REST Request [ CSM ]
** ID : 2781d438-4200-4803-bdd7-eee201d4e3f0
** URL: Broadcast message.send.deployment
{
"body" : {
"property" : "deployment:device_failure_configuration_cli",
"argumentList" : [ {
"key" : "PHASE",
"value" : "Phase-6"
}, {
"key" : "DEVICE",
"value" : "293875f8-f90d-11eb-bdab-89292259c95c"
can anybody help?
08-10-2021 02:03 AM
FMCv HA is only supported since release 6.7.
Also, I would recommend upgrading your Firepower 1140 to at least 6.6.4 (assuming FMC is at that version or higher) and then trying it again.
03-16-2022 07:55 AM
Did you ever resolve this issue? I am running into the exact same thing. Currently I am running FMC on 6.6.5 and my FTD Is 6.4.0.
I am trying again but upgrading FTD prior to adding it to FMC to see if this helps at all.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide