cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
3279
Views
0
Helpful
2
Replies

FMC - FTD Registration Fails due to Discovery Failure

osama.mehtab.ga
Level 1
Level 1

Hello Fire-Jumper Community,

I'm have a FMC in which I have added 1x Firepower 4120 FTD Instance and 8x ASA5508-X FTDs. I am currently unable to get my FMC to register another Firepower 4120 FTD which is in the same network.


Connectivity Checks:

1. FTD is able to communicate with FMC (ping success, telnet port 8305 success)

2. FTD & FMC are in same network :)


Steps to connect:

1. Add manager in the FTD with the Key

2. Add the FTD in the FMC with the same key


Output in FMC:

1. Registration shows the "Green Tick - Register".
Communication with <Firewall Name> established, discovery in progress

2. Then appears a "Red Error Message - Discovery"
<Firewall Name> - Discovery failed due to internal error. If problem persists, contact Cisco TAC.

3. Then FMC starts the "Unregistration".
Unregistration completed. <Firewall Name> - Unable to get status message

 

2019-05-16_15h38_16.png

 

I was able to find in the bug search tool the bug "CSCvg62301" that can be the cause of this problem.

Conditions of bug CSCvg62301 :
The can happen with a slow link between the FMC and the device. During discovery, policies are synced between FMC and device, and those can timeout.

Logs in action queue would show RPC timeouts during discovery phase


What I fail to understand is that both devices are on same network and there is not much latency involved then what can be cause of this problem and how to fix it?

2 Replies 2

mateens
Level 1
Level 1

was it solved ? have same issue

msc_
Level 1
Level 1

I had this too, conditions pretty much matched CSCvt08514(https://quickview.cloudapps.cisco.com/quickview/bug/CSCvt08514)

My device was ISA-3000 on code 7.0.1.

Also, I wasn't able to start FDM to manage the device locally, so what I did was an upgrade with the procedure in below article (FTD -> FTD section). I went from 7.0.1 to 7.2.5.
Cisco Secure Firewall ASA and Secure Firewall Threat Defense Reimage Guide - Cisco

Hope this helps someone in the future

Review Cisco Networking for a $25 gift card