cancel
Showing results for 
Search instead for 
Did you mean: 
cancel

FMC ghost device

andre.ortega
Enthusiast
Enthusiast

Hello there,
I have in my lab a FMCv (6.2.3.4) and a ASA5506 running FTD software.
However FMC is showing that there is a deploy in an ASA5515X, that doesn't exist.

How can I remove that ghost deployment?

I have already seen this problem before in a customer, and in that case I opened a TAC, when the engeneer remove the deployment manually, but now, in my lab, I dont have access to TAC...

 

Thanks.

1 ACCEPTED SOLUTION

Accepted Solutions

You can also try the following:

 

1. Connect to FMC  console and elevate to root.
root@FireSIGHT:~# sudo su -

2. Run the following command.
root@FireSIGHT:~# /etc/rc.d/init.d/console restart

Regarding the stuck notification, you can follow these steps to remove it.
1. Check in the notification table the entries with status=7.

OmniQuery.pl -db mdb -e "select status,category,hex(uuid) from notification where status=7;"
+--------+-------------------+----------------------------------+
| status | category          | hex(uuid)                        |
+--------+-------------------+----------------------------------+
| 7      | task:category.150 | 24EB1942AF4B3369B4134E3F345C03F7 |
| 7      | task:category.150 | 07EE0C1F9DF737698DDA0892FE202599 |
+--------+-------------------+----------------------------------+
2 rows in set

2. Delete those entries using the specified uuid.
OmniQuery.pl -db mdb -e 'delete from notification where uuid=unhex("24EB1942AF4B3369B4134E3F345C03F7");'
OmniQuery.pl -db mdb -e 'delete from notification where uuid=unhex("07EE0C1F9DF737698DDA0892FE202599");'

 

View solution in original post

16 REPLIES 16

Roy Harrington
Cisco Employee
Cisco Employee

I seen this happen in a case a few months ago.

 

This usually happens with an unsuccessful deployment which causes a roll back and typically FTD and FMC configurations are not in sync. I would first suggest checking to make sure there are no differences between the gui and the ftd.

 

To fix this you can deploy whats called flex configs which is basically asa cli pushed to the FTD in order to make changes. I would do whats called a deploy once flex config to remove what was not synced between the two.

 

You can also fix this by simply deploying the "ghost policy" it will then be removed after the successful deployment.

 

But there is no 5515 in my environment, how could I check the difference in config?

Please attach the output from under Device>device Management where it show the devices and the names. Also please attach the screenshot of the ghost policy deployment.