Re: FMC unable to add FTD

pinjar84062 · ‎04-22-2018

When I try to add sensor from FireSight, it pop-up a dialogue box "Could not establish a connection with sensor. Make sure the registration keys
match, that the software versions are compatible, and that the network is not blocking the connection."

I have double checked the connection and registration keys. FireSight is able to ping the sensor and the registration keys are match.

Our fireSight version is 6.2

And our FTD version is 6.2

Appreciate if anyone can help me to solve this problem. I'm URGENT to fix it.

yogdhanu · ‎04-22-2018

Hi

Please make sure TCP port 8305 is open between FMC and FTD. If that is open, check if there is NAT in between FMC and FTD. You would need to add NAT ID in registration if there is NAT between.

https://www.cisco.com/c/en/us/support/docs/security/firesight-management-center/118596-configure-firesight-00.html

If all of the above has already been checked, then please check the logs using the following method.

Login to FTD CLI

>expert

>cd /ngfw/var/log

>sudo tail -f messages

on FMC CLI

>cd /var/log

>tail -f messages

Start the registration process again and check for errors in sftunnel logs.

You may also check if any process is down on FMC or FTD

>sudo pmtool status | grep -i down | grep -i disable

If none of that helps, TAC case can be opened.

Hope it helps,

Yogesh

alvarezax · ‎05-23-2021

quick question: how do you exit the tail -f messages command? CRTL C is not working for me. Please let me know. Thank you

Marvin Rhoads · ‎05-24-2021

@alvarezax CTRL-C should work to terminate the tail output. Some terminal emulators don't always handle it well; so it can be necessary to just close the ssh session manually.